{"report_id":"201f61dd-adb3-40fa-b216-6f909eabc669","version":6,"status":"done","tags":[],"date":"2025-11-19T10:57:28Z","url":{"schema":"http","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":0,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"title":"火烧云 - 极速稳定的网络加速器","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":0,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-24T10:57:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"alqard2u.com","ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"domain_registered":"2025-02-11","domain_rank":0,"first_seen":"2025-11-19T10:57:29.351709Z","last_seen":"2025-11-19T10:57:29.351709Z","alert_count":49,"request_count":49,"received_data":2278668,"sent_data":21577,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"hm.baidu.com","ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"domain_registered":"1999-10-11","domain_rank":54491,"first_seen":"2012-05-26T08:38:45Z","last_seen":"2025-11-17T00:13:10.547488Z","alert_count":0,"request_count":2,"received_data":30879,"sent_data":1190,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"92eeb984912b997ed669c8f73bcdbda4","sha1":"f6ae85cc86efe87dc637048cffacb057b9c2edbc","sha256":"407535ef863a85b297226d285f4f9a7e1635015f96f5202378e4fbf71859b4e5","sha512":"3780e5045d70b488c8e2f562421a7a9e132f5234949da0e18bef86f4418d7515e574c7fb4f8ef49cc813a649845f2c4b92c9a6e10c25f58b7e3a6e9efbe358b1","ssdeep":"","tlshash":"ed4000000000000300c0c0000000000c3000000000000c0c0000000000000c00030003","size":7,"data":"","first_seen":"2023-03-14T07:25:50Z","last_seen":"2026-04-20T08:34:39.054609Z","times_seen":324,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"f753739853cbc55e40ff7e7bfe9f6551","sha1":"890a0c4b1eadccd6a2efa0f3d50f0a128a6d8de7","sha256":"e97c436b6f8e53590a0511941ff12574f3800a7e7838d829dff7ef53b355c835","sha512":"7ff5902cc3d9706d0ea53799bf2607e31e7cd73d26d2cd8f67e1f0a393cfefd4aa9dea3146db1aa35e04339c0f703b829bcdfd59b5e247425b06b805569e879d","ssdeep":"","tlshash":"21e0c728bb650430927b655de31fe35959771743b503bd56354cc6584fc0e1c4371545","size":296,"data":"","first_seen":"2025-09-05T16:06:07.02344Z","last_seen":"2026-04-12T08:41:34.31851Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-20T17:51:17.193208Z","times_seen":106800,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?6943b489db7c05ef82cea35b91cb9174","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"c977351e3a0641ad33df69318622d018","sha1":"88f1d044038d72ec180a37f8ec1b1df6ab1485d4","sha256":"c0d3e99fd141458680949672b9aa16b7f3a05fa093022fe55873848bedf88846","sha512":"84d83b8d1e78d7af3b61af98c77072876264c30e17412cd3fea38027e902bab5411617a3ad7f51c7ab8a018aff38b462eb0708262827996e5b66239dee361260","ssdeep":"384:r6JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:r64VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"e3d2d9e9b282713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","size":29897,"data":"","first_seen":"2025-11-19T10:57:35.19569Z","last_seen":"2025-11-19T10:57:35.19569Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"1c5c9160600df2d96d69a4ea16cec7ed","sha1":"3cf678c9135cc952ba6970ef545035bb757a443f","sha256":"a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808","sha512":"2a298a8c2552c6a6c6f8d3f7327d2e9abfa87a0dbb27e9e528a8539b416155c0860f54f46464dfe7e5d49c7906a9eacdac7e5181b86ef15a83276a8f4fee0546","ssdeep":"","tlshash":"078004d531c35040475331d400571cd4503444f014444d544040d4511c55030d1154dc","size":37,"data":"","first_seen":"2023-04-11T21:49:14Z","last_seen":"2026-04-20T17:51:17.193208Z","times_seen":106800,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tj.ysponge.com/static/js/download5.js","fqdn":"tj.ysponge.com","domain":"ysponge.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"14de70a101b526a8a8a9b1c7caead18a","sha1":"2c00333be4e0cd165414bea725ff54c58ff71653","sha256":"392322c170b04dd8504da1a1278d888a0fd95e4180a1f26f78523fb2033af7bb","sha512":"6e2b60150c7f54ca42fa11a88787d08ac9f3cd3ee3181a196db69fc7180fa1b0813adcbc0ae207c534fca8fbae87ab3bb9287ffcc958247d1815eaf81bc1121f","ssdeep":"","tlshash":"eff076b729a96ccb6bd207a003076c5c814f303f61809d28fa3588991edc3e93023613","size":631,"data":"","first_seen":"2025-11-19T10:57:35.21272Z","last_seen":"2025-11-19T10:57:35.21272Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"2ec370ca0eaf3069dce13df24243d863","sha1":"64c1919bbb18a6d851d1b7772f830320b8ab5cc1","sha256":"6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064","sha512":"c24d4cfa5facd73ea7c242f69d6591d785bdbdca73bfc6aa7afe963bf09d4350a4daf0eeeb7ccd482b02d807663cf5d1c6763f0e2e468d8fda9f11213627d49d","ssdeep":"","tlshash":"6290040100513554711530d00134c3dd557df075dc4dd335754f570040c0405c53c401","size":41,"data":"","first_seen":"2023-03-07T01:02:03Z","last_seen":"2026-04-20T17:41:17.226852Z","times_seen":17998,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"8cc67672cad168545bd4e71c3c0dda8f","sha1":"303bdfc1768d673f767ab43f12c42a08a17b6695","sha256":"dad0951db07ef820bf53387c01988b0aeb42f413c7208c779d3b68f1a70e73f2","sha512":"934548088f59d8822bfb2abedba33bac437e081988460eb6a98171a3d745312afd4da28f57e91d37ec0e1337a74008aa96bb997f79bfb0e17615d4945a1c66d3","ssdeep":"192:eKCykq7GCyHyq+ttK2wwKw+8QOSSLENkfCKRRoadCroadUBqwiI+XQvW/BwjVol9:t4mGxyq+HQTWRo5o7BLiI+mc","tlshash":"1e32122e72b66132067fa47ba7df5784363520477406cd1a3eac4a840fd1dd168b2eea","size":11074,"data":"","first_seen":"2025-10-30T09:53:15.577402Z","last_seen":"2026-04-10T23:40:19.239559Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"1e0c4214fabdc2a6ddd4cc26521f0999","sha1":"48ba8ac74abe90060e4055afcfd367afa3ae6199","sha256":"89792eb4270daf072aadc32357d5fba283e3c35fb58dd789568d4aa885a49cd4","sha512":"f09e7c9453b1147467e092554dd90ea486ecbdbac4b424d9b1c4a43e1d7e95b17c74e814acfdac7b37fa433aae491e5fc11e7569512ec3fd66d4deb241d7a5a0","ssdeep":"","tlshash":"7a500000000000030000000c000000000000000000c03c00000300000cc00000030003","size":8,"data":"","first_seen":"2023-03-14T09:28:53Z","last_seen":"2026-04-17T07:49:42.363675Z","times_seen":186,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tj.ysponge.com/static/js/tongji22.js","fqdn":"tj.ysponge.com","domain":"ysponge.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"afa7a01bbd1b9efb1f8d9f523768eab1","sha1":"12af45ba51f0077de007f63ad38d5ad2f8518155","sha256":"401ea584401b66bd5a1b844ffb9b8df2c85beeb78428c8117449616a6b8d4c9b","sha512":"e918844cd3a109fdac81e4eb771618e330711168da42e5d65a3ca6eea5fd2dd6a39063e621ed78324a25dac11bb70c4014866e1142c4ae0b89d35d842bd62cc7","ssdeep":"","tlshash":"dad0971f2c09183823b804ba12bacd8cb1b2658c923d9208a0daf8295874ed4582efc4","size":258,"data":"","first_seen":"2024-08-19T14:43:13.199312Z","last_seen":"2026-04-20T08:34:39.045465Z","times_seen":361,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"799a87d58aa5517e11e96e0db3ca3cbf","sha1":"dc6c06e3625bd8d6c570677a5c35ba68bb9d683a","sha256":"0930f7c80757dce328b713839a85ea8a866868091b769cc8c21263feb826a277","sha512":"fcb0be0c942b26669b57fcc0bb2da5f7e7c72bad8b8bc83902b30f29b0071e07421dd6b3e6a9ddeabaebc6fb4e6ffc2c6c97a86177fcc5df9f527f66a6c6bcf3","ssdeep":"","tlshash":"6090047041411734031040357d75d3731d74435ddd4f3704151f7d1011574454d30d54","size":47,"data":"","first_seen":"2023-03-14T07:25:50Z","last_seen":"2026-04-20T08:34:39.057123Z","times_seen":439,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"a61d36063f1eccfd08491add6b3c7fe6","sha1":"8a1b68b248b3c53cb58fd2dff4f4bb180ade58c9","sha256":"aa953043882f3cc190c706f932c0e0fc31e9f904c14270996b149b8da9d5f5e8","sha512":"90704b7f6c1cc3975c92dc6b3c8c7c68ff0f1148285df2df4174db1fea2d2d210315fbb36d7461e7760e7f0c7cc09aae1cde61d18aedda5373b99a0ca34ed11f","ssdeep":"","tlshash":"ed40000000000003000303000000c00003003000c0300c00c000000000000000000003","size":7,"data":"","first_seen":"2023-03-14T07:25:50Z","last_seen":"2026-04-20T08:34:39.058966Z","times_seen":314,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/js/swiper-bundle.min.js","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","size":140562,"data":"","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-04-20T11:35:00.24225Z","times_seen":3237,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"1cbcfc0f14573931861f749f69b83855","sha1":"dceacc512cc9b25c5ff0d94582f43e3c26bd383a","sha256":"a5f2c9a5cd1bd0a2ecac50f9db171c570cbb0cf786e77767c5e6c91d71bc9d8b","sha512":"a1531c21b5b5d11de1f825d22841b31f5d1f0850bc35333d4dc83dacb4e9e42e699259a6db25ad961f65fb270a8a8270de5b823cdfc8ebb1ddf825948cd7542a","ssdeep":"","tlshash":"4960000fc0c0c00f00c00000030c0000000000c30030cc0000300000c0303c00000003","size":12,"data":"","first_seen":"2024-08-19T14:43:13.20608Z","last_seen":"2026-04-20T08:34:39.055096Z","times_seen":340,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"33de1d83ddd01480fc8d27cec507482c","sha1":"cb1d05c035f4a2fbdaae0854776d936ea629f35e","sha256":"8c7f5a11ea385bd88c7f51080de98ea3b687c79bc904b9ac279fae7b18550569","sha512":"59722ca34e5497e67196ea74709363272c7770a2fa05205e5759d04fedeec462d55bda9fd9dc9a8e6dbb38eef770f073e9118c77852271464c3e8fab89aeeaaf","ssdeep":"","tlshash":"6a400000000000030000c030000000003000000000000c0c0000000000000003030003","size":6,"data":"","first_seen":"2023-03-14T07:25:50Z","last_seen":"2026-04-20T08:34:39.055554Z","times_seen":327,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"9538afa4092b37671662822b43144d82","sha1":"fac4913f8fc58478b15272b622f7a53309ab4386","sha256":"dc25ecabc2fca1a481f40608097262de83c97aa496359280cf8fd77a52930b6c","sha512":"5e923b0d32529a9f56560e3019dceb3fe0ec6859b23ca1bd3923e85114ecf46c2891de9be9aebed05fc87b410a317b8a9fb21821bcc56f5fb7ecd5132b874de8","ssdeep":"","tlshash":"01600000c000c0030cc0300c0c0300c00003000000c03c00000330c000c3000c000003","size":12,"data":"","first_seen":"2024-08-19T14:43:13.20469Z","last_seen":"2026-04-10T23:40:19.244925Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"Function","is_inline":false,"md5":"64a34d68aaec9e1c17a5993153724aba","sha1":"9617cfa6b2e778a53dd17694df4b96647cff642f","sha256":"755db7cd33be7bbaef5aa6ad921e221178394f838017bc9fa356ae58dc962caa","sha512":"3b8b2a02032f96b244c6314aabca889d8fa78b31dcb7d3ce221d6af92a6ca63eb2fc96be2dcd16f7167164081060aa363758f0fe4801cc7e3814b4a1c89ede99","ssdeep":"","tlshash":"a7e068c86382dc683e937deda88b354914481e4d2e954ca85d02292b24864bb91c219f","size":387,"data":"","first_seen":"2025-11-19T10:57:35.227701Z","last_seen":"2025-11-19T10:57:35.227701Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"631719d55e735c97344681d1172532e6","sha1":"966dce990d1f0a32e0cbddf75b43a7d3012b8b03","sha256":"21f28ca87ab290f01c12e5192812b3f8214297edaa65633b31101e0a6e8e68eb","sha512":"f174f45ca1f5b0c5a246510014770a0202918de9206001d925832838089f8f9636009f3289a0d0c4ee5b2ea9a7dc86cd716e21f84c25de187e93e7e62f3753be","ssdeep":"","tlshash":"188000a000822220030002a0383acaae2ab8c3a8e8022300200f080002c2c88cc00c00","size":27,"data":"","first_seen":"2023-03-14T07:25:50Z","last_seen":"2026-04-20T08:34:39.058427Z","times_seen":440,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/js/jquery.min.js","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"00727d1d5d9c90f7de826f1a4a9cc632","sha1":"ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2","sha256":"a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74","sha512":"69528a4518bf43f615fb89a3a0a06c138c771fe0647a0a0cfde9b8e8d3650aa3539946000e305b78d79f371615ee0894a74571202b6a76b6ea53b89569e64d5c","ssdeep":"1536:SjjxXUHJnxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBvUsuy8WnKdXwhLQvg:SdeIygP3fulzcsz8jlvaDioQ47GKH","tlshash":"5393f8ddb2c6702247a770ba007f510bf236199d684d8450f269d8e9bc78a4e827bf7d","size":89664,"data":"","first_seen":"2023-03-07T01:28:27Z","last_seen":"2026-04-20T16:39:23.227182Z","times_seen":28484,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"introduction_type":"eval","is_inline":false,"md5":"fb29339571d1622f7ecd25f72225a12b","sha1":"600c03c8ada47eec1b1f8391824cd0e68583ccb0","sha256":"4bf28ce48cfdd069db86ade17cdc3a425bbcf1a34791fd2496a2abec2288b2d9","sha512":"f6106dac7b93fd13f48476f7597ff4a24190f030d55f94767a5754ea17446cd476143bbfb9b60bc4516aa01abfde53f4dca9a4c904c116bb2a3beb06606ffdc6","ssdeep":"","tlshash":"9b50000c03c0c00f000c0000300c0000000003c000300ccc000000c03000330c0c0c03","size":11,"data":"","first_seen":"2023-03-14T07:25:50Z","last_seen":"2026-04-20T08:34:39.059474Z","times_seen":328,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"312351bff07989769097660a56395065","sha1":"004be89dd9e070ecb080b9b759e5be29ec24881b","sha256":"b2b2f104d32c638903e151a9b20d6e27b41d8c0c84cf8458738f83ca2f1dd744","sha512":"454935a0b9fe288a70896e9e0548537ed09c564e47d771b91202f70ddc94946fa6b209e205034983ebe3160633bf5401df01cdfc54b7f98c4bfbd5845a89124f","ssdeep":"","tlshash":"1f3000000000000000cc00000000000000000000000000000000000000000000000c00","size":4,"data":"","first_seen":"2023-03-13T00:05:53Z","last_seen":"2026-04-19T13:20:37.52981Z","times_seen":32218,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"7bbb9a425b192a3a671909a2294e819e","sha1":"caaa351a98fa028a2358c203e76ee929e3483c10","sha256":"c848e1cc5599d00de1273069d5fd1610dd47a137da896e219ffe1283bb415b90","sha512":"ae9428fc685f7106b95fd313056b6e42580ff1cc7f8708e0e56174573b2c11c6fe2d6c37ce21b6657fd4ae25ed99068ec54c842fb2380f3cbeca87469e4a658f","ssdeep":"","tlshash":"0c80000080800a280000802a88aaa3230a20020a8a8a2b080820b820202b00002300a8","size":26,"data":"","first_seen":"2023-03-07T01:19:11Z","last_seen":"2026-04-20T16:11:54.031563Z","times_seen":204997,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0a3a0b592b9c285e050805307cee87c2","sha1":"125a168e24b2bd38aadb84cbb5f87f316b073c41","sha256":"aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23","sha512":"4097f05a9ce819914160aeba71fa11524f6b291a39b7c948509d756318b600934f1d195980df66bc7731e327979135bfcbe0e9ff3758d779a72481ed623cd3a5","ssdeep":"","tlshash":"a34000000000000000000000003000000000c000000000000000000000c0000cc00000","size":6,"data":"","first_seen":"2023-03-07T01:02:09Z","last_seen":"2026-04-20T17:57:13.211819Z","times_seen":233913,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"alqard2u.com/favicon.ico","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:08.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:08 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 15406\r\nlast-modified: Tue, 11 Feb 2025 03:26:52 GMT\r\netag: \"67aac37c-3c2e\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"d9fc358001dee40d70b4b8bfb47086a0","sha1":"312a37530b5fcfa9b6a9e36825b7248675cb0347","sha256":"3f9cd7fbe6ebbfe483465fb07b69845cc1c3ed7835e4eb9518acea5702de616c","sha512":"48c11c0875c23853f86f6c9cf0c57aa859d0846ac25130f0fe29c5a467283a12e4a3e219a0f6e07852f5c02abfe0cdacaa0e95d56ee764675abf96d8a76d8a5e","ssdeep":"48:iyIQedNcI1Z5mcT5hFZpcFp2YR/pWTt+J8K1q5qqgdZxisGCQaHT27vZjaHRXR:Nw2mMohQpPRWTt+JrXdJGvaIIRX","tlshash":"7b62f10652ea45e9da1216361f9ceb001b9fe2f24a4f4fa711b385c06f3dde6f915c0a","first_seen":"2025-10-30T09:53:15.554691Z","last_seen":"2026-01-17T09:36:16.961864Z","times_seen":4,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":306,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/windows.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/windows.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1821\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-71d\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1821,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1a14ff322ac3acfecb65205c75007fa2","sha1":"668a8f8093e697d5a0e24a47d0218e9ea3953d7f","sha256":"839e00a4f938e30d2393eac9937ca055cc35f595471da938514aa2c3c4258bfe","sha512":"0406e4434a9f17e44c27e110a02e32c48fbae63406139256070c286080779ad1e9f28ddad63ffd50ac27d4c62e615b4abe0efcbcf992ea653e2eef694b085698","ssdeep":"","tlshash":"cd3153fd7a7db8c5958897a65f05a0fc5053f2f3ad404000cc41bbdeb828dea5c0aac9","first_seen":"2025-09-05T16:06:07.018209Z","last_seen":"2026-04-12T08:41:34.258579Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1230,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/rocket-tutor-01.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.414Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/rocket-tutor-01.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 31802\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-7c3a\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31802,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1920, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"976f813586519e1b23c30732761a0f90","sha1":"bc92249e326913b00fde9f1a0ce2c7a86efa647c","sha256":"9bb36c516cdafd00aa3bccb2de83792f81197328837f3e18d6ab5b8c90559613","sha512":"38db96ed8f07c4aff9890fe007c6b56c57cec695d304baf427cb233162017cac3fd42cda9789e86cdcc6be7b1f48f7e8a8a2ef0f946b2b91e7b409340f9cd36c","ssdeep":"768:kfV+1CiXklyUB/DgfJJbrhkhdCkDITjhQy4xd8keckg5g:4+1CqEhaBryhdFIHhQfveckg2","tlshash":"57e2d0f91596b039c82807768ef6cc944b4e44a355f0a7aee8faec948ef5d5618100f7","first_seen":"2025-09-05T16:06:07.01069Z","last_seen":"2026-04-12T08:41:34.273113Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1228,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/webfonts/fa-brands-400.woff2","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:07.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:07 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 105536\r\nlast-modified: Tue, 11 Feb 2025 03:24:20 GMT\r\netag: \"67aac2e4-19c40\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":105536,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 105536, version 769.768","md5":"cd2b4095e9ce66cde642c3502a4022d9","sha1":"a280ecdddd14695fad22599301ab03adfe5224c0","sha256":"404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905","sha512":"062782597f37b964a5f285fe8b75ac2cc57e99024fa6c9bf841dc2e7b930ce6cfc12ea5f32d2a6b7301a74ffbb552457a2a82ed9d945e135d8b027f506bf5d77","ssdeep":"3072:cBrlv6vs2sSSF2Hv2/V49i7iM6wYyXuJwzO:cBrlvyVsSSFeWV49SiM6kaoO","tlshash":"86a312970cd7bed18e2da7c565932d43f197f6fe718c4510d42a282949c212d18ee2f7","first_seen":"2023-04-05T17:13:40Z","last_seen":"2026-04-20T12:59:39.48014Z","times_seen":7723,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":525,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/footer-bg.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:07.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/footer-bg.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:07 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4497\r\nlast-modified: Tue, 11 Feb 2025 03:14:30 GMT\r\netag: \"67aac096-1191\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4497,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b72dcfe1118ae21a33ef764a7a259636","sha1":"041b96bc62e5ef9c2e17e98e1403d3425459dccf","sha256":"21f36f0386a6e7f987e334baff90fa79e76bb484b005b22561c49e3562093bb3","sha512":"16b04b1bf68355b5b58aa1d8889faeb6a6924f2637fc9ea99390325feb41e4b8ba15c053f3d193fc17f72369c45f35c4e15da649a00cce5e2dd96ebe7cf3ccc7","ssdeep":"96:4Y1x/kWuu6qoAW1LF/Xh1R32fkR1XaADujR3u0DFz9CYY:lxsG1Kj32sHMe0xLY","tlshash":"9791c6ce3f7063e4a9c8e3e7dd2954e4bf0f20fd9649823cc2694e44985686e96004ee","first_seen":"2025-09-05T16:06:06.941116Z","last_seen":"2026-04-12T08:41:34.270633Z","times_seen":28,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":536,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.gif?hca=20E84E839B8908A4\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=722796640\u0026si=6943b489db7c05ef82cea35b91cb9174\u0026v=1.3.2\u0026lv=1\u0026sn=2979\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Falqard2u.com%2F\u0026tt=%E7%81%AB%E7%83%A7%E4%BA%91%20-%20%E6%9E%81%E9%80%9F%E7%A8%B3%E5%AE%9A%E7%9A%84%E7%BD%91%E7%BB%9C%E5%8A%A0%E9%80%9F%E5%99%A8","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:08.953Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.gif?hca=20E84E839B8908A4\u0026cc=1\u0026ck=1\u0026cl=24-bit\u0026ds=1280x1024\u0026vl=1024\u0026et=0\u0026ja=0\u0026ln=en-us\u0026lo=0\u0026rnd=722796640\u0026si=6943b489db7c05ef82cea35b91cb9174\u0026v=1.3.2\u0026lv=1\u0026sn=2979\u0026r=0\u0026ww=1280\u0026u=https%3A%2F%2Falqard2u.com%2F\u0026tt=%E7%81%AB%E7%83%A7%E4%BA%91%20-%20%E6%9E%81%E9%80%9F%E7%A8%B3%E5%AE%9A%E7%9A%84%E7%BD%91%E7%BB%9C%E5%8A%A0%E9%80%9F%E5%99%A8 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: private, max-age=0, no-cache\r\nContent-Length: 43\r\nContent-Type: image/gif\r\nDate: Wed, 19 Nov 2025 10:57:09 GMT\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nPragma: no-cache\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=90313922359C5BC7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ad4b0f606e0f8465bc4c4c170b37e1a3","sha1":"50b30fd5f87c85fe5cba2635cb83316ca71250d7","sha256":"cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda","sha512":"ebfe0c0df4bcc167d5cb6ebdd379f9083df62bef63a23818e1c6adf0f64b65467ea58b7cd4d03cf0a1b1a2b07fb7b969bf35f25f1f8538cc65cf3eebdf8a0910","ssdeep":"","tlshash":"15900003fbc08002c2b2e0300b3b0380238ce2200aa8030b80aeb0acecaa3a20c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-20T17:51:17.138319Z","times_seen":338723,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-19T10:57:04.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:05 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 10 Mar 2025 03:03:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67ce566c-1382c\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79916,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4840)","md5":"062b0669dbb580ba3c664860fa4758f3","sha1":"3b156034db32ab6e1d6e0ac0b4310bc94af55546","sha256":"932462e88fd136d26a686b2b45a07ab7d4c6d5a5b2cf8cb671124fce57341bc9","sha512":"e1d211d29d326ecd1ac9d6020609e90002ec4a18bb3f1912f5461e5134071d453d95cad9044c8281678efea8e45cfbce39284be5bebd0214db7c39128c1182cb","ssdeep":"768:PEbkrDajvd1U/aknlXSsbdYn2CNIysMgDZ2+pSYxSRij:PEbkfa3sbdYXISgDZ2+pSY4Rij","tlshash":"7c73d8ad55f699b34687d2d7ff5a4b1a3d91809bc54a8600f6bc4f9c2f81d82cc0378a","first_seen":"2025-11-19T10:57:35.143675Z","last_seen":"2025-11-19T10:57:35.143675Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2284,"timings":{"blocked":837,"dns":198,"connect":312,"send":0,"wait":611,"receive":0,"ssl":323},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/install-guide-ios-6.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/install-guide-ios-6.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 63900\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-f99c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63900,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 518x1038, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"48cb1d5c1e084fd14c8665c9a34609e8","sha1":"d5dbb412544b852e254630f43777b2425b9c5e7f","sha256":"5036294610867e82b49b86a4aa5a0677db8008df7276f44113f0d405dfb58bed","sha512":"66e69b4c94964dc3f7a3229e4c74414db57d44f0e53c73527b6964eebb02ea448db9bec343a059012ffa26ff2987a941ebb71f1259c20e538515fd40dc8d04ac","ssdeep":"1536:Kwo+wFoG1o0JcEGJPvaQzOkVhnC39QwLlK2d5M7L:KbrFoG1oZ59zOkrnG9Qw9Un","tlshash":"dc5302910b1703945f6eceb53c7b702c352802351a46e7f09d1e479836efaabbb425ad","first_seen":"2025-09-05T16:06:07.01639Z","last_seen":"2026-04-12T08:41:34.268311Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1561,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1226,"receive":335,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/vn.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/vn.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 413\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-19d\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":413,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"97835f337c123768d6afe07e40f669d3","sha1":"4a433e7dc5fa625619150cd164b8de1f8b14bef3","sha256":"007de195e97b47201366b36fa6bffb6d3652380943d599fbcca394827c6ddf00","sha512":"42ad114c35143897c92983ae5e103d8631e1cd4958ef198386ceb4c112c1083ad9aa432fa97e6f887e5d3dbf3c7f5e539002f8e7d38cde5716535ffd78179ec6","ssdeep":"","tlshash":"8ce0abb5118cc82ddb0083021e6b70650160a0ce099ec816bbc4331bba4c5da2c10ac8","first_seen":"2025-09-05T16:06:06.948741Z","last_seen":"2026-04-12T08:41:34.295832Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1567,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1218,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/uk.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.486Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/uk.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1666\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-682\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1666,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"61272d79a261f0c3ba6b79a6ce2a8a39","sha1":"be1005f6af52f5b8b2c32733681fd39f0d0a7a85","sha256":"4bbfad58b4e00a2b2665045273f24ace2d8808345f7ab00ea0d814f9bca79193","sha512":"1f64907bd9c79d5f60e8a77cc78ddb494b247c0c248aadd1e9bc331f9006fe6a5d9e5d00e9db6694f06ba1fc1de449b72080553798d72893e39fa9a4a546bb74","ssdeep":"","tlshash":"7d3114e02108c789ca486a3a9f0ab9f4713669eefd7490c0d1523a973ca46bf0c685f1","first_seen":"2025-09-05T16:06:07.011754Z","last_seen":"2026-04-12T08:41:34.296634Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1217,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/ios.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/ios.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1404\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-57c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1404,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5de2a7557f1169e442baa380103e457f","sha1":"7ed386a5147b825b54efd83800be7b1ea61f8686","sha256":"86dbf8c0dc5464f274b1ad07c4ebc567178cd23b7d4097ab96f5f2fbf10b5087","sha512":"bc7066d6baa0fc814fc3d719b772550eca4583de098630d2cbc14615896d7cc3e9facc9228ae4e715f07c25ca20e5fdbec9b15f80345a1ad69c89f3979e32d8b","ssdeep":"","tlshash":"fc214472b15d7cadde509accab1551fc32d395f3d6904105da91ab0d1c1ccd6cc1a3d9","first_seen":"2025-09-05T16:06:06.945409Z","last_seen":"2026-04-12T08:41:34.267793Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1230,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/install-guide-mac-2.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/install-guide-mac-2.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 60814\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-ed8e\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60814,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1275x606, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"24cf82f3274ba10a4aeeb10589e43629","sha1":"951643444c45efa4fe3de14a247cee70411a862c","sha256":"ec5071c4bf595f2d3834c35d977df3db02836e9d18565c1d6f119d2345f31097","sha512":"6901d066c8499b34d7d8f4cbfd7fae11b5de425e6ca06186bba2902a8d3555c26df8d356cd1bc42d64974c7bc7921180b413ed60aa443e58813900dae8e798bb","ssdeep":"1536:ngXdddem6HV4JSOCZYqz6O4+iT7eXP4xilH6:ngtdAHV2eYqz6O4+iyNH6","tlshash":"ce53029f16be3631d4a3a4ca4adb8952951002d047e78e9eff2b446404bc799fd0e4df","first_seen":"2025-09-05T16:06:06.967726Z","last_seen":"2026-04-12T08:41:34.290461Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1228,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/usr-1.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/usr-1.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 38188\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-952c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38188,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b9dcccbe72c3a37d960163383b94f364","sha1":"5a55500839ba53fa85fc441726a61650512531d8","sha256":"2f19d6ce32b3edafdb2158bf271566ec1c41e020976ef8fc2cd641fc08774f08","sha512":"eb287471a1047475a82e87ccf52efca8b97353415108dc3d0f722896a522cb968e2494870b6712e36bdeb9e4f3bed7e90eed37a90691bcedda33ebf298451866","ssdeep":"768:ZyoJwZkF4HJwY4Gmsbk/8HnchBrkFPgarnX3Yefleuy:ZyoJwZ7eY4G7m88/kFPvb3Yaguy","tlshash":"b903f10bf56882b8a31f3b2573f308bfa289c704d7251bc7b64624e8bb17a1945c7295","first_seen":"2025-09-05T16:06:06.954407Z","last_seen":"2026-04-12T08:41:34.291718Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1225,"receive":339,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/css/swiper-bundle.min.css","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /css/swiper-bundle.min.css HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 11 Feb 2025 03:02:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67aabdc4-45c5\"\r\nexpires: Wed, 19 Nov 2025 22:57:06 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17861,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17607)","md5":"f1b9f97911388482298d0c3c8c3d04bf","sha1":"307f60dbe7aedf9f0955d6c0e49b653d4d7ce973","sha256":"681892d9ab9d4c9ac8ab27a105ac9caf946cb171e0a9848017991e93e294e99b","sha512":"6d0ad3e993cadd81a44daed59486787ac7a76d66fc740c660b50ebbc655e75fa7c32ce6c780332632a5fd774c2345c08168bb571f2f4705bb2b40d7796d0f48a","ssdeep":"192:EvmUJbiKne0JlXZHZ+SMS4nxep/a2GZs707fufKlAYfg5fyeesedOJ9A5Pz+c3Az:EOUbe0JdZHZ+1nZ2JkWfF4XYz","tlshash":"7e8234a86340282753274f364b71cbb9dd7444d20f9389ae91c0ee48d7f6db9132f6a9","first_seen":"2025-07-04T18:58:24.000705Z","last_seen":"2026-04-12T08:41:34.236116Z","times_seen":30,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/install-guide-mac-1.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/install-guide-mac-1.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 69458\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-10f52\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":69458,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 882x500, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2f369d9aa3c979ecd3d6c8f4e947f8fc","sha1":"25ee634a5b0818d1d00060f2ba66fea113fe3ddf","sha256":"556a5c53a384e1ebbcf3e50abea14e9f0d3ed3cf3f84d44b407f1b784b57b204","sha512":"5c108073bf00e0e1155faacd3c05b4f360ac079d5593ffae7ca8acd6e710198be674a32e264cc50cbdd8f49451fe21afc4f7ef49cc8ffbee6ce6fd68f6bd981e","ssdeep":"1536:FZxa3rKjxzgK2+URHLNtRLqKPtm/HrQ/QzuV/H4m:FzqKVg3nm/4Qhm","tlshash":"d463024e01b3c6d204e2104b24dd5206a6ed1bfe7eb2997cb4c6b9df30a1ef89506f81","first_seen":"2025-09-05T16:06:06.929799Z","last_seen":"2026-04-12T08:41:34.291078Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1586,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1229,"receive":357,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/rocket-tutor-03.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/rocket-tutor-03.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 60324\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-eba4\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60324,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1125x2435, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"04ed2afe84f3e8663f3432b70b3e8239","sha1":"ba7af46c4ee834f17523fbddbc539be0d553777c","sha256":"b666447285dbffcb92fa44c636bb560a27ea50d265d5f0d2fee47af1f9040247","sha512":"8b3afefc05e2ed7f39decc8d7bf9e0d010f097a9a4ec73eb4452601e197b4d3d2e069235716a77b84110f72082fdab44a225fffb89bfaaaac308039eb187dd11","ssdeep":"1536:j9z110ZHgTHp/R+Zo4m1K24gfcDvZf8Gj3v:n1OATL+ZwK2v68Iv","tlshash":"e543f2f3055a1d1957293636f425e79b888e7ce683307493b66e12d5c39aeeb11c330a","first_seen":"2025-09-05T16:06:07.019332Z","last_seen":"2026-04-12T08:41:34.254639Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1543,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1227,"receive":316,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/install-guide-ios-4.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/install-guide-ios-4.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 94124\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-16fac\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94124,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 508x1030, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c3094bc0f14e884f5609a8a00626c058","sha1":"68494fc06d44f25fba06627b88cd26ae9303d232","sha256":"abf3ebb6dc6d29d99a7a4be7d99ea26ef93515274145cdf9c80accd3ffadd82d","sha512":"d5408d41f74b239ea4580886e9f5dfb118ee6e6781a414d0d0668a68d8c1c8c6aade9bf1064e1b850761dfa554f17e4e289a3f16c0edbb859cd4c78bd3a2d55b","ssdeep":"1536:lE/gldI45Y0R9IjuuQ+wRZkz/S+Qi8veXhnSLb19sk8voDjAVuC:WyNR9IjDQ+wT+Qike1SLb1Q","tlshash":"6f93024350bb19fcd954c89ca042c8b69cc6ba2cdfc9c12d6eed2c35dd63a46b8ed914","first_seen":"2025-09-05T16:06:06.96912Z","last_seen":"2026-04-12T08:41:34.24894Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1584,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1226,"receive":358,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/usr-3.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/usr-3.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 61706\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-f10a\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":61706,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"428b28e146587fc85de67c0031275617","sha1":"babee9d1444363c3c57c5ac46154a65d7351b718","sha256":"7b4d556130ef79059ae6ff7d24d712b73cdfbf85d11b1b7c84efebc16a5d43d1","sha512":"9e8f2cf96dbe696e769f74acae1455787d340470c7575f368a432498dc2b56dc5e4fc42272393fedda1ea197da5cbd4c99a2ad98d0fde0bbecbb252e9d718a45","ssdeep":"1536:GZO9qPLBqLgmG13zP1aNQXQI26xgMPFPflJNrr:V9qbHpa+XDtFHNr","tlshash":"805312e22d6b48948e0f2dca3764bb8370d75130d86f20a369d6465d3772368a2ca7b5","first_seen":"2025-09-05T16:06:06.896283Z","last_seen":"2026-04-12T08:41:34.244215Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1571,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1224,"receive":347,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/usr-4.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/usr-4.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 30178\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-75e2\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30178,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"fc236605191117b03624b8bdf692bfee","sha1":"96b2636c1266d7b7372e3c7ccba327825f6ec839","sha256":"c8f59bc2ad13b5bfeda592da0419d735f8f16f8395b6e348f11af41695142248","sha512":"7794178a97bda15bb3ba356ed19642f51cf0ac276d4fc47699fcb6ee89fc9e8fec520305ebe13d5f0feac807252ebfa35e1accf1b74a5dc70032107f264590e7","ssdeep":"768:km0UGWYq+dunAi0tOK3/OJT7uocs3kZYsBLuC2:kmmuAiIYGocs3kZYsBL8","tlshash":"4fd2f1c909d22b57a028927c55224d3622be51eaf454f12dd16e7f30d31bc1b2f9c2e6","first_seen":"2025-09-05T16:06:06.958892Z","last_seen":"2026-04-12T08:41:34.277829Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1571,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1222,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/cn.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/cn.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1011\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-3f3\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1011,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bd856ff1611540dc92492b0c83a4ad59","sha1":"e6921df4c72d6e82fddea0f4568be4e37c0929da","sha256":"25edc3573228fdbca20772cb04e403df2c4e549a9a59a87e441bf6e160b989f8","sha512":"6a4105c38a1da47d683852805e6e75e0c364afb4840d8d108d56ebc046f0e9e5f464e902638663b44780186f906bd8f72dd3664eebb9708c02faf795a5a93729","ssdeep":"","tlshash":"f71121d1338c8325c70087e55b0df0b9603579f65468d565abc5764b6d9851a0ce9dcc","first_seen":"2025-09-05T16:06:06.998608Z","last_seen":"2026-04-12T08:41:34.26112Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1220,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/netflix.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/netflix.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1171\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-493\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1171,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"28446c42beb915c0cae21f379d51e3d6","sha1":"5cdbedca7def23d8c1ec96ea5c5519af9e91bd4d","sha256":"a9d01a30a914f1cb26681943e389ddd0b2b1817bea8e2d7146dbe7fcc993fafa","sha512":"ee778a10be3262e4fbca640ddc1a698ec9ae6e72ea8a5ca5f64bd2de24ee2266130275e81305406af211b6462bf6712cda1b30405d6d012ccacb0e6010d47752","ssdeep":"","tlshash":"f5212ef430c870d0fc4813fc9263a1b5b5a728e2b7e8df8980a81926bc054089c88c01","first_seen":"2025-09-05T16:06:07.000945Z","last_seen":"2026-04-12T08:41:34.283782Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1563,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1214,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/5stars.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/5stars.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 946\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-3b2\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":946,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d5bf814a3e5fcf78dfac33dad27f5a93","sha1":"fb42f125e5f5e358df93df10ebd71881d7598b4f","sha256":"d33cc513d43c906855ed69aca181df12e79d5a474ef09ccb21f86423de8b8a85","sha512":"86876f7ae6623c153b8312f6821e231514456d27e0a5dcbe32f9459e27474e13de84f1a6c8983060840f01d6a65b6320a0bab9b6cfcd4e8786f9eda00a3d99c8","ssdeep":"","tlshash":"5e118843b64b3161d8a1a4207cda405ca8fd555d23c973c753b9b755545e0cc0cdc3a1","first_seen":"2025-09-05T16:06:06.9134Z","last_seen":"2026-04-12T08:41:34.270179Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1563,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1224,"receive":339,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/usr-2.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/usr-2.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 49844\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-c2b4\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49844,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ed8103e4059ba900f934c3a1283e6981","sha1":"89bf34d2d4850f278b5f46a09046ad5a540a1440","sha256":"ce301bf980eb5345473c23175c6b59de3dbb6c9d1f636501eed434ab838ba394","sha512":"83993e4c6cc67eee0e23a78dd5c16f45482c20ef95f38500ea3a6c368be5ac2caecf4d6f40d3cafc39904a1f31b662ea445ecdb3a66d0bc5a3947be48e89309a","ssdeep":"768:drqcbkJK4P0YHhrLEg4Nkv8Uih+Nk63hrvLHiRtIarHWPWdNPAh:lTQ44P0YHLtuh++Yjk5T36h","tlshash":"9b23f13659748e762362a160cbfa85703e0ca55d9d812da82b740c27fd335e76e06c7e","first_seen":"2025-09-05T16:06:06.991537Z","last_seen":"2026-04-12T08:41:34.239505Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1224,"receive":342,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/de.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/de.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 386\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-182\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":386,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4b6c3a0a69ef2465c644a29b6febce72","sha1":"29625e9ec130cc95fbf1797faf48700fef81fd41","sha256":"3a7fb47805fb06f50d36139304841441cd5c8a430a8d81c998bab023fac3d719","sha512":"3a820faf68854b3151330405cfceeedbcbe0b9e2a7db64d14b4aba424d4fbc853d167ced88d61635f518b107c067d67cda3c67e9f6ddd606de1dd15954641adc","ssdeep":"","tlshash":"4be0687a629d8529cb0003020f5e70a691a1a0c8159e8a69b5d0776b6c4c5ef1c623cc","first_seen":"2025-09-05T16:06:06.987821Z","last_seen":"2026-04-12T08:41:34.287579Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1566,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1217,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/instagram.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/instagram.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 9775\r\nlast-modified: Tue, 11 Feb 2025 03:02:34 GMT\r\netag: \"67aabdca-262f\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9775,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7889a16c7dd269dbe7b9ce0fdbbef4d1","sha1":"223e1655e43ad0ce4dce1ee970b31be3ae797ae8","sha256":"20a26ae9d578cf74ef7b7a3a7cd9985e8507fea60e0a1a09b39ec16965039d76","sha512":"576236469f124c6990f38202119cba3c77e827226afc451d3eb9705c3cf230f8987c43e47fdb20b6814a693122f298464c65ed873466543134b85cad929bd4d6","ssdeep":"192:aoW7ErZ2m1W/zwxnfDDnDv8/UvbhgRuLODx7VKDjEWjPS07oolC/:anorZw/cxHYChgci7VKDjEWNg","tlshash":"8c12a5e563b4b2f4f50ae7f8d5178471be8b2cba7ba1c798c3e19f94a15005c49c8c92","first_seen":"2025-09-05T16:06:06.912307Z","last_seen":"2026-04-12T08:41:34.285631Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1563,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1214,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/js/jquery.min.js","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /js/jquery.min.js HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 11 Feb 2025 03:02:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67aabdca-15e40\"\r\nexpires: Wed, 19 Nov 2025 22:57:06 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89664,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"00727d1d5d9c90f7de826f1a4a9cc632","sha1":"ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2","sha256":"a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74","sha512":"69528a4518bf43f615fb89a3a0a06c138c771fe0647a0a0cfde9b8e8d3650aa3539946000e305b78d79f371615ee0894a74571202b6a76b6ea53b89569e64d5c","ssdeep":"1536:SjjxXUHJnxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBvUsuy8WnKdXwhLQvg:SdeIygP3fulzcsz8jlvaDioQ47GKH","tlshash":"5393f8ddb2c6702247a770ba007f510bf236199d684d8450f269d8e9bc78a4e827bf7d","first_seen":"2023-03-07T01:28:27Z","last_seen":"2026-04-20T16:39:23.227182Z","times_seen":28484,"resource_available":true,"data":null}},"time_used":1213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/popup-bg.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:07.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/popup-bg.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:07 GMT\r\ncontent-type: image/webp\r\ncontent-length: 19164\r\nlast-modified: Tue, 11 Feb 2025 03:13:36 GMT\r\netag: \"67aac060-4adc\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19164,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1686x1163, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d39a5204f5f0cafb97e35038cd67b422","sha1":"104d8db452fa67daf39895b266f92ed8af30c581","sha256":"37fa3c3818dfe423c0318a0bd3a295625a6e2d262c69a664ece8aada5e673023","sha512":"9cfd71e04ced72ff44c74305af914840717387455b9350220a04ca79795963a81cd084e4660075e220f072d1e48159c1e94d9036b58e4b0664b513865a065f4c","ssdeep":"384:QwCHY6aQMcbrVufJ5XDpB6ry1KYmNaLe+HunG6DEMRx0Q6Qjm7puZaKWk8z/JO:QwCxJbrVufvlgmcYmunjo30qNlWk8z4","tlshash":"c782c020f3999ab2e6af0937d03f8a711d23f6c99ea284150213b0a3557dddbc86375c","first_seen":"2025-09-05T16:06:07.012688Z","last_seen":"2026-04-12T08:41:34.243696Z","times_seen":18,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":314,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/webfonts/fa-solid-900.woff2","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:07.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:07 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 154228\r\nlast-modified: Tue, 11 Feb 2025 03:24:04 GMT\r\netag: \"67aac2d4-25a74\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154228,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 154228, version 769.768","md5":"55b416a8df21f9f987aa352f10d1343b","sha1":"2717f3f58271f2f2e6120d9937c7227002656d34","sha256":"d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73","sha512":"7c4983811eba2ae80998c62c0eb48cc53eec26e3ca4222d5cf0a758a5ea92e6a14dcfed4fe5b7ef5513f89be2c0f336d0131687fa3eddcbd4bb218bbd6beb985","ssdeep":"3072:1s6054PmrMMxqMo/sE4yN1JWxUY+qI2kqdYt2B1dqchgjwQ:W68io3G5JYktDt62b","tlshash":"fce3123d3f8fc58deaa2037b7c645050a1b9bfa9a9f1293dc67028ac11557e17b48d8c","first_seen":"2023-04-05T03:24:19Z","last_seen":"2026-04-20T12:59:39.431954Z","times_seen":17016,"resource_available":false,"data":null}},"time_used":548,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":534,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/map.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:07.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/map.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:07 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 426907\r\nlast-modified: Tue, 11 Feb 2025 03:14:14 GMT\r\netag: \"67aac086-6839b\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":426907,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"415bda59cf61df0bb6895179fe77a70f","sha1":"9083f599e18e71c13c93ea3c1f9514fead8289c2","sha256":"6cb482a050dd76a1a3f18b0701dc621ac242c6b09b05e4ad19a385bfb72acaa9","sha512":"20cd0f3f8db564d8d04ffb513959be012a7b5163a3cbd1bbfe956ed86671650a21c4cdaf9a4287efb5658bb06fe55813c75e673678cee40c2222cd2dee1a1c17","ssdeep":"1536:EU2Dl/17eiGMSVwia8KwbV14I5g/gnSPm6ndb5hv7aHdhC71pYx6NNTuQysKA1ir:OGMSVwi/","tlshash":"959481cc377404c5acc483c7bf0964ba2a1f95f91e140a90d44a9f6fbd81eae8d5adc6","first_seen":"2025-09-05T16:06:06.974316Z","last_seen":"2026-04-12T08:41:34.256914Z","times_seen":28,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":517,"receive":48,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/css/normalize.css","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /css/normalize.css HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 11 Feb 2025 03:02:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67aabdc4-1a9e\"\r\nexpires: Wed, 19 Nov 2025 22:57:06 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6814,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"db1ee1ecf28eb31fd00bdde5db5dd243","sha1":"c1de81ffdc5b995b5b7e514bf8f5922c480029f6","sha256":"d592f1c585062f14b5c94145f916377badda3351026d67a5c96f95f8a6885472","sha512":"f4f957862bb19e8e596b71d45df7f13505d6679dd7bcf1b3be27ac61793f0fd009f0da619fd15b1b8887d9cbd9942fee4a7995cb5f8158ecfe14ce4bb41e256e","ssdeep":"96:FI1E/n8GaNjysFjmxc43RtkzoS5HllfSqyBG2ZxenqfmH+fotyT0LJ:F//n88c4htkzoWTS9BByqfA+fo8TIJ","tlshash":"64e1a0192fe02ae351614c7c365f26c5f305422ba2a86c9978e613b88f45b79d6b83cd","first_seen":"2023-04-07T08:34:41Z","last_seen":"2026-04-14T00:40:24.886Z","times_seen":269,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/logo.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/logo.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4570\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-11da\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4570,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ff89982ea728ec3c09d432b3c862295d","sha1":"6a78fd7c16eaf8eb41dfa73898fa09cea138ef08","sha256":"2f75468f8f60396a5f2847ce101f7675cae030d0f295daea1feca3178ea72267","sha512":"d7e8b772bb3963ddae9ceac1f3191e6fec422ab00bf9d42a9551805554efad5091a8449ea2b928466ad8caf078cb84973c6aa846d0667ef9ae1842617e9975c8","ssdeep":"96:lW0tl5++isquQ0N9lrmOLYzpYyIi3Qyuy7nsv6MwCqoz:l3Jisql0bppYzpz93QKsv6Mwcz","tlshash":"3d9196c53ba083f8a188b7d72f22146c3c12a5fe3f898e1cc2556e44d8d546c9d66997","first_seen":"2025-09-05T16:06:07.015253Z","last_seen":"2026-04-12T08:41:34.246782Z","times_seen":28,"resource_available":false,"data":null}},"time_used":921,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":918,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/install-guide-ios-3.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/install-guide-ios-3.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 63148\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-f6ac\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63148,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 377x694, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e3978e1e6b1237502dd503e9f74b0c84","sha1":"e568f81b3e5b3a81a9ebb47ca2a5cdfe97d0ca16","sha256":"ce53f530680347476f616c75896db78abc8f6865f11033aacd02d94c844e2cca","sha512":"02d208df8cbd5c993cafe68cb6b2a5c47908168e185cdc4ba8100e5aefb8cc2b7ddd53c334975a04e8f68c32b17ca7ea8c989bc2ac53c983ee4918e593514291","ssdeep":"1536:MDK6a245dPkXpLP8huN3KpppQ1hmTt7WzMq/wR4:MD05GpYY3+avmllmwu","tlshash":"8953021f9011015d1018f26d739f0ae1aeb2e72bbe984613c1622b26546c332f7df5d9","first_seen":"2025-09-05T16:06:06.937999Z","last_seen":"2026-04-12T08:41:34.24581Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1549,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1227,"receive":322,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/hk.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/hk.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 6130\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-17f2\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6130,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fb6afe54150acff450d8d749846669d7","sha1":"3a4f9fc0c3d98e00da4963162b76bf3141becfd9","sha256":"ae15f9bfd3a7928e0a6aec2fcb6a963d8e442be0544a613d6e93a8f4f8a53aa2","sha512":"3ae06374d87d29aeb987fe2cc59521c9cf6a12cb1a2cca3d9e1b9fff5c6ca978ca697b0ed5965dfb38732ec6a363ef316c074dfe834cf8a0fb2205327c8b58e0","ssdeep":"96:3CrfUtptf8l/Q1tjjEdBB87BpAcy1w6cSCol8sG/h6IFe0nzEbREmb9iwOT55f+Q:3yMDtf8hQ7TqcSBW/h6IFedRtnOvf+Q","tlshash":"08c17484b3a993b8f509b3fc071ae9343a5229d63a12d09d83953c17eda400e5db9cdb","first_seen":"2025-09-05T16:06:06.927388Z","last_seen":"2026-04-12T08:41:34.292435Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1569,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1220,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/nl.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/nl.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 382\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-17e\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":382,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1c074d8c77e86d26b7345d6ab745deef","sha1":"451eba0f1a5857ca3f3be097a3264b423b66bc2a","sha256":"b5d8288af9b7ec77d494aa618bda01827757505664fb39840118151e6e70c47e","sha512":"299b3d32af2357639353ea92104fd45b453f895ace04a22aedadc37d9bae1f3d3c8173923e1ff2623050089cb9466cc60db564f7887c6abca9a9efa051a80739","ssdeep":"","tlshash":"50e0c076208fca0ecb0443060e1f702a52a1e0c4595f9125be807b6b7c8c1ef2c653cc","first_seen":"2025-09-05T16:06:06.892136Z","last_seen":"2026-04-12T08:41:34.244764Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1215,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/facebook.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/facebook.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 3356\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-d1c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3356,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e39f8aa5fffd664bfa468a7e3352afd4","sha1":"ba135a8282830af2ccce8d9cdaed3e698159fc14","sha256":"e58f3429ccad5fbf0e4fc1564878165719037007f84d30c092745c7d2b20d178","sha512":"44ec68b4d40247e9c17f1e9cecb4fce589da341c7016aad4822ed871c31fbbeb8a291d58d08bd4772743f7af42828bf770665711acb77ac17e04bd287e15c578","ssdeep":"","tlshash":"1961a9e5b7a8e2e5b417e3b4ca1c5893363934ffa77ac3e09bc151806f870e9144ac55","first_seen":"2025-09-05T16:06:06.916601Z","last_seen":"2026-04-12T08:41:34.288123Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1563,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1214,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/bg.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:07.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/bg.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:07 GMT\r\ncontent-type: image/webp\r\ncontent-length: 104362\r\nlast-modified: Tue, 11 Feb 2025 03:37:48 GMT\r\netag: \"67aac60c-197aa\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":104362,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a6646928f952cfb4bb2e7cae3e1d8aeb","sha1":"8ef733c60f47c7aa1fe5a86643444d8a0e07e821","sha256":"83768f91de777a2d084bb23c8d0b5965808c5dc8dff3f9a5b3f1a2c9a36660ae","sha512":"ae71d8eb8a3a64235ccc9117a9cee2d170809b23d355b413f2afbbf0d7a518dfa99ef3b2c727a4630f1938bbdbd8f084cf2bbb95bd0ddd35eb7f9f9c4b0c5960","ssdeep":"3072:khIaTS08u//9UZxvElP36u6IfCzW4fAf:khIaTP/9UvElPb2zWa","tlshash":"a5a3126347a156baca68b97c2bfb3a08d6383b1025ad89d5c92357d17b331264dc333d","first_seen":"2025-09-05T16:06:06.980434Z","last_seen":"2026-04-12T08:41:34.250353Z","times_seen":28,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":226,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/css/style.css","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.389Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 11 Feb 2025 06:08:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67aae94a-7665\"\r\nexpires: Wed, 19 Nov 2025 22:57:06 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30309,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"ec430cb9803941ec37a9f33ff438ff3c","sha1":"5fcd9b604fc31c71ca85f618b9cba56cf71fa117","sha256":"b176ed26218e83d1bd3f9b0e560addc41c00c28e4ceaab0d6e2a377dee280e7d","sha512":"2f51af450d5e409a5610a5f776afb919d08d364db40c53b49cf2a13b1166f7884008382b50a1f1f5d52ca8e0ab18dd8e7771bb19748cfa0a04d1f061870d0543","ssdeep":"768:+2+l2+vRF/4PSF5wEFqEKeO/lwwhG+esZsqFHFLF:+2u2+vH4PSjsEKeO/lxG+esZLVlF","tlshash":"bdd263d66ba61104751fe0686ca69b15b368d443d20fcdbc7be020acaecd3d555e3b8c","first_seen":"2025-10-30T09:53:15.531812Z","last_seen":"2026-04-10T23:40:19.146799Z","times_seen":11,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":306,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/css/all.min.css","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.394Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /css/all.min.css HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 11 Feb 2025 03:02:28 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67aabdc4-189ae\"\r\nexpires: Wed, 19 Nov 2025 22:57:06 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100782,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65317)","md5":"6386fb409d4a2abc96eee7be8f6d4cc4","sha1":"09102cfc60efb430a25ee97cee9a6a35df6dfc59","sha256":"0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed","sha512":"29f91fc180ec2e4225c10a7a2c59e5f3335d2c6c6ef58000d50bf020d92ce0f85c125412bea73254b2c3f5a3215ddd77b908e85ed10a368b0e59a66a5e07a5d2","ssdeep":"1536:mUMVM6MVMkMVM9MVMNMVMispLudL+P8Wcn0Fwib3ePyUHsE+z:hudL25cn0FfePyUME+z","tlshash":"b3a3b7f5e44c05d97732c44bab95b37c65b6f738d9810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-05T03:24:19Z","last_seen":"2026-04-20T18:13:41.814429Z","times_seen":26248,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/logo-app.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/logo-app.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 622\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-26e\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":622,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1769d63a51df63d632d819db83d1c62f","sha1":"d0bd1767820a521c5d483a75ed2f3cb271e1e215","sha256":"3793da6995454db2a04e68b45f279159f241ad0a69b3a1483f23cfcaedaa0348","sha512":"aef4869798562acec79beb3bb8038ee50ff6e6b1f1d9f696be96e624768610e0558c33266d51b2e3afec14e36eac79b0c6005b21aca955f49204fe5d647f2ff0","ssdeep":"","tlshash":"73f002dc72b8c910464c5fed375924ad0a7bd2f3214845e8c808bf35a180dae78c16cf","first_seen":"2025-09-05T16:06:06.997567Z","last_seen":"2026-04-12T08:41:34.287065Z","times_seen":28,"resource_available":false,"data":null}},"time_used":921,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":918,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/mac.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/mac.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2108\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-83c\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2108,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e95281e9138f0974b9cfb57db1f1952d","sha1":"b32498782ba7443cb6e04fc980c10e2996d7754b","sha256":"4e0db85c8d90e6d3e4d972d803d57f8b7ab3a9a5f03a48f2c0a8de3a0c927ab1","sha512":"1ce3796999c77f65ae155e66ac976326c5b4e3a7740f63f128527584d4ee9b1c3699418c5b244dec0cf7816fb3786503cdfecb940fa596ed79bfbfd1824eb870","ssdeep":"","tlshash":"d64142f932a8bce0a0c887debf18916d319765f64ed4c104c5943f0e2424eea6864dc9","first_seen":"2025-09-05T16:06:06.99648Z","last_seen":"2026-04-12T08:41:34.252601Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1229,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/jp.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/jp.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 596\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-254\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":596,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"45b6193e5df8cc837c14014e1c7eac99","sha1":"7bc17ffdbf178ca0e264127c52ec092dbca1e824","sha256":"d604709a8551f2d8e111cae32afe4241e7ad89a68d664c88ba68aaa5406e84d1","sha512":"dcaf4a644fd3556f7e8ea8e79ea02c4570f0a41c870d2a59faa4925a23673c1adf279ee0b3554d85550cdadd54bf660959f458a05ec2fc1686fa46cc128665c1","ssdeep":"","tlshash":"3cf0acb6f35c8219d60843dc8b0cb0f842a1f0c0a2084481aa40aabe7a58a279db25dc","first_seen":"2025-09-05T16:06:06.911216Z","last_seen":"2026-04-12T08:41:34.24783Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1219,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/fr.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.487Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/fr.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 523\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-20b\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":523,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5e74c789655853e516bcb9105b6e1aa0","sha1":"83842c041fcf97cfb1c2d3a7c0eaa3697cc9901f","sha256":"dfdee3cb61c5c4e64e7b15dd81d1c4bb73c25c55c4404c36cfa3ead98e75cb92","sha512":"8e1e24ddd2b5cfdbf1921054c4c6085103a853490bc494ccbd65de822517335276d47f69c5b44435081802121edd6f6cf218c5063ff9c38a1e5f297dfd8d4091","ssdeep":"","tlshash":"a9f059a4724d4a1ecb40834d1f1cb8f50092e0c9464c54c5fe84776f355c6971c776cc","first_seen":"2025-09-05T16:06:06.900072Z","last_seen":"2026-04-12T08:41:34.240168Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1565,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1216,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/youtube.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/youtube.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 5023\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-139f\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5023,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"746186189c845996b5b7584ce65e8664","sha1":"71f660521b4081fb38e45f3e7d207abe658eed02","sha256":"34379147a21d6371682bc04d1763e027e8d50d201baa85ad8eff35841819e367","sha512":"1aff31308fbd15403de70b61de2ff93cb8182299e8446f77294b72229bc7c3270750ec521e65069ffc19e03404f4694034a4d203370b553edf248cc9eef1b110","ssdeep":"96:Pq4iCJ8KeCcW9Ve4kcnjjwV3BV50f9tevAzeJpDko61ye8Pd1hrbRSaU/+:fHH+VTg94nJmo6o1Cap","tlshash":"f1a175e0639463fd6443f3bdd52282633a2b38fb3396df4ac2d1ae9560921148dd8d95","first_seen":"2025-09-05T16:06:07.00841Z","last_seen":"2026-04-12T08:41:34.248447Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1564,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1215,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hm.baidu.com/hm.js?6943b489db7c05ef82cea35b91cb9174","fqdn":"hm.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"183.240.98.228","port":443,"asn":56040,"as":"China Mobile communications corporation","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:07.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"baidu.com","organization":"Beijing Baidu Netcom Science Technology Co., Ltd"},"issuer":{"commonName":"GlobalSign RSA OV SSL CA 2018","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 09 Jul 2025 07:01:02 GMT","end":"Mon, 10 Aug 2026 07:01:01 GMT"},"fingerprint":{"sha1":"21:BF:66:0D:67:BE:7A:7F:49:48:05:30:F4:7F:09:F2:30:36:CA:63","sha256":"0D:82:2C:9A:90:5A:EF:E9:8F:37:12:C0:E0:26:30:EE:95:33:2C:45:5F:E7:74:5D:F0:8D:BC:79:F4:B0:A1:49"}}},"request":{"raw":"GET /hm.js?6943b489db7c05ef82cea35b91cb9174 HTTP/1.1\r\nHost: hm.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nCache-Control: max-age=0, must-revalidate\r\nContent-Encoding: gzip\r\nContent-Length: 11291\r\nContent-Type: application/javascript\r\nDate: Wed, 19 Nov 2025 10:57:08 GMT\r\nEtag: c6fb16cd6e8da209b507e921ea78be2b\r\nP3p: CP=\"CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR\"\r\nServer: apache\r\nSet-Cookie: HMACCOUNT=20E84E839B8908A4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT\r\nStrict-Transport-Security: max-age=172800\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":29897,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (621)","md5":"c977351e3a0641ad33df69318622d018","sha1":"88f1d044038d72ec180a37f8ec1b1df6ab1485d4","sha256":"c0d3e99fd141458680949672b9aa16b7f3a05fa093022fe55873848bedf88846","sha512":"84d83b8d1e78d7af3b61af98c77072876264c30e17412cd3fea38027e902bab5411617a3ad7f51c7ab8a018aff38b462eb0708262827996e5b66239dee361260","ssdeep":"384:r6JSoLMJJTRl6s1JXFVCFI/TayvuodsZPIGm8XaR1JRwvutq1tGdc7M04gRw6:r64VJfHgMdvussZPIx82Rwvutcto07v","tlshash":"e3d2d9e9b282713293a324a5153f324af07b5a54bd4968a4f11894c07d38fbb027bfdd","first_seen":"2025-11-19T10:57:35.19569Z","last_seen":"2025-11-19T10:57:35.19569Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1800,"timings":{"blocked":744,"dns":1,"connect":244,"send":0,"wait":311,"receive":1,"ssl":497},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/css/css2?family=Noto+Sans+SC:wght@100..900\u0026family=Noto+Serif+SC:wght@200..900\u0026display=swap","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /css/css2?family=Noto+Sans+SC:wght@100..900\u0026family=Noto+Serif+SC:wght@200..900\u0026display=swap HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 228027\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-37abb\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":228027,"size_decoded":0,"mime_type":"application/octet-stream","magic":"ASCII text, with very long lines (934)","md5":"65168fe775bacd8b5ba380221d7c1c1c","sha1":"82b68250eca52e33f2b02d70e3d79c6e6c3fe406","sha256":"560e80fe7d2aca24a064e6b23234ad1455dd2635824280c0205bb7c338e17bc9","sha512":"716ee5c72c1ad60494a86d1880de24337707ae2e32feca269958d7307e58c7b211435e87cca4d0986b2b678a601e3c8deccb97e7366e460d72f618c0dc0ec66c","ssdeep":"1536:mrlLN7SPsNaYPlicNpJmvlB5DnEfRMIyM4+ye+xT3DpRVOkkGNUzm6+klvOtxlrU:4FtguPMFRIkkfn+9DhYur6rRO6knTgP","tlshash":"6c2411a1460785dffda76ca392cdd514bea964bcf980893c56f549d3ac0a00ed1cbb8c","first_seen":"2025-10-30T09:53:15.56838Z","last_seen":"2026-04-10T23:40:19.098302Z","times_seen":11,"resource_available":false,"data":null}},"time_used":1252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":609,"receive":643,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/android.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/android.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2450\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-992\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2450,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6cc1576e3ba945e1d5d40e486ac7f04a","sha1":"84a929f7e0fe8a62ba715005dcae7308a80efaba","sha256":"a9f1ecbdab1bd4b1c1441690821398c1ac65356751523a50959707e308ce4243","sha512":"ec6b608c1e8481e987be5443b4bbd20e983f4435eea3d4739986623fbcd6aa966f21da222c6e14ddd1eada761d535370a2088d98903521555ce2a0eb63360bb4","ssdeep":"","tlshash":"ae5173aa71689cb9d940c3cc9289e4a92146d5fae98102d5f7525b0e6c388e7fc1d3cf","first_seen":"2025-09-05T16:06:07.007234Z","last_seen":"2026-04-12T08:41:34.295067Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1230,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/rocket-tutor-02.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/rocket-tutor-02.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 32144\r\nlast-modified: Tue, 11 Feb 2025 03:02:30 GMT\r\netag: \"67aabdc6-7d90\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32144,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1920, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4725a9a040fd197a55bdaa1a772eed68","sha1":"afdbbfe852465a065471d7065b706b684a5c9bcf","sha256":"c27625cf0ea960cc374f51ed2c1a556765c5e6c08e685d03f2bc7cc1c20c64ab","sha512":"6e620907dbfc9b1e3caff59266aa2cd4b34be1a04e7326f165352d2c534ec6a5f9ecf1001e6c854244dcab1797304f89b761ad42bdef0ec74be05c97f9586709","ssdeep":"768:e1gn5Gi74JeGDwl0Yk6cZH9OvJyjNVFJHkAxm/Uug:Nwi7Bgwl0AcTyoVFJcUug","tlshash":"13e2e168c1c419ce12deedaad4e68e83b8a30441f08a581dd5bc3f5bf81d685c277e26","first_seen":"2025-09-05T16:06:06.977396Z","last_seen":"2026-04-12T08:41:34.282451Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1228,"receive":313,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/install-guide-ios-5.webp","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/install-guide-ios-5.webp HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34646\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-8756\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34646,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 521x1046, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"974f1d9bd5d702511f803d2fdf243a5e","sha1":"5f9b3d69c64dd4e973aeda6b2d72e51a039e6d71","sha256":"cffcfa3f664e3f440cbf03a94c53ba55e50d78395e40a9da903f9bcd4d4d4c7e","sha512":"c3cfc689642fda70a962695910aa02f855d8c6146929dfd47b49af0aaf4f8a56bac4da650d8d1f7331633da1290771413dbf8204d476958e91073e62dca8d643","ssdeep":"768:1Nx5elAWpuXrRlQVQtGlMQJCL6z/2e1JBhwAcAHzaXDWJwjWwJZ2X0:v2AW4XrRlujmS2eDB+AVHzaXDMIWoZ2k","tlshash":"6cf2f2afb9629838d3b5d491b389578a55e33fd0cefc42880112541d28a7f0dbbbf508","first_seen":"2025-09-05T16:06:06.933882Z","last_seen":"2026-04-12T08:41:34.294316Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1555,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1226,"receive":329,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/sg.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/sg.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1518\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-5ee\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1518,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6250916645b84fe64106ad0a7b072dc0","sha1":"2d6f605fc052e5847eda1498f118c8c84569ca20","sha256":"11fca513f2cbe89255d59622a3e2c5ab753315a7f2b6481d515900094ebc839c","sha512":"856ffb762ff67a517b43eaed488d3759204912aa2dc891d885b19a5a79ddc3461f301409a5e91297e390b238e8b3345702d80dfe6a2856a03ccaf0addac0705a","ssdeep":"","tlshash":"c83100f0234de2d1c306abe9872b50b46236f5f89f44d95257c17e4a7cd859b1c29dc0","first_seen":"2025-09-05T16:06:06.999795Z","last_seen":"2026-04-12T08:41:34.247272Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1219,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/img/us.svg","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /img/us.svg HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 6749\r\nlast-modified: Tue, 11 Feb 2025 03:02:32 GMT\r\netag: \"67aabdc8-1a5d\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6749,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6e3553cb391a65186d1a11df7b29a3ca","sha1":"e1a97a4bb44e070d9a6c6dac842343c773af9e25","sha256":"ef0c5313680ac03b4b4c880af039de57d26c1c505df7ae18b78a03fe2bd4841e","sha512":"c54f8f4a0c5462940e05e4ec75b712d62220fbf3a766462f692d19326f0b1b637c9fe4c7441d7cdc100ecdd287d2e178f6187229110927bc00c8ab37047f8383","ssdeep":"96:38isOCrdOC3EOWzMBcUMMyFGJz/otEYU3+Mw7zx55VVEWLEqhpl3Fc:3oz/ocw7zxvVVEWLEolVc","tlshash":"d6d1b0e07708c1805b0c9b697a0e68b98535b4efe9e9d9c80fd5268f79905ef08dcad0","first_seen":"2025-09-05T16:06:06.915504Z","last_seen":"2026-04-12T08:41:34.282913Z","times_seen":28,"resource_available":false,"data":null}},"time_used":1567,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1218,"receive":349,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"alqard2u.com/js/swiper-bundle.min.js","fqdn":"alqard2u.com","domain":"alqard2u.com","tld":"com"},"ip":{"addr":"154.31.179.133","port":443,"asn":140224,"as":"STARCLOUD GLOBAL PTE., LTD.","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://alqard2u.com/","date":"2025-11-19T10:57:06.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"alqard2u.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Oct 2025 15:15:27 GMT","end":"Tue, 06 Jan 2026 15:15:26 GMT"},"fingerprint":{"sha1":"71:FC:63:DC:F4:8F:24:68:52:55:63:7F:C5:2F:F5:8E:A2:70:F0:75","sha256":"91:00:78:0C:D6:39:1A:79:57:92:EA:F4:74:20:B1:97:DB:21:08:2D:BC:8F:CB:42:35:09:F5:71:05:40:58:87"}}},"request":{"raw":"GET /js/swiper-bundle.min.js HTTP/1.1\r\nHost: alqard2u.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://alqard2u.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 19 Nov 2025 10:57:06 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 11 Feb 2025 03:02:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"67aabdca-22512\"\r\nexpires: Wed, 19 Nov 2025 22:57:06 GMT\r\ncache-control: max-age=43200\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":140562,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65283)","md5":"21b78ba7133b3d67cf8b09cd6a26d386","sha1":"ea59f37b232db6dee2694078bf21e153a09bacdd","sha256":"6f9df49fe12f77b66daba876cb33b7090b2443f570a2a4b9541cddd705440aa5","sha512":"dc48bb38f168f37930ddc3db0cb78b867fd817cb5907b56cf2c7e58b407f2847a4bab78be5ea2c0deb216052020afb782bc8b4c948a5fe52b77128a27365a392","ssdeep":"1536:TIJQfGP7LP8NEuWGKF+IlzholxU/2Bkt+9SD8jv1nTHlU9ymp8Mj0HEOS5hAsVuZ:0JCN+TXD2BkQZFU9tp8Mj0k95h5cpnv","tlshash":"02d3f8896221b57646e316db93e4c221a3b50544b80ac8f470bd4c9f597ec9813feffa","first_seen":"2023-06-14T11:52:48Z","last_seen":"2026-04-20T11:35:00.24225Z","times_seen":3237,"resource_available":true,"data":null}},"time_used":1212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-19","alert":"Sinkholed","trigger":"alqard2u.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}