urlquery - report: superliving.co.uk/tuae/index.php?e=qbot.zip

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-08 06:06:41 UTC	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	35.162.217.251
img-getpocket.cdn.mozilla.net (7)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
superliving.co.uk (23)	0	2019-02-06 13:02:27 UTC	2022-11-08 17:26:36 UTC	194.1.147.66	Unknown ranking
r3.o.lencr.org (8)	344	No data	No data	23.36.77.32

Scan Date	Severity	Indicator	Comment
2022-11-08	2	superliving.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.1	Malware
2022-11-08	2	superliving.co.uk/wp-content/themes/popcorn/fonts/fa-minimal/style.css?ver=6.1	Malware
2022-11-08	2	superliving.co.uk/wp-content/plugins/essential-addons-for-elementor-lite/as (...)	Malware
2022-11-08	2	superliving.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-11-08	2	superliving.co.uk/wp-content/plugins/contact-form-7/includes/js/index.js?ve (...)	Malware
2022-11-08	2	superliving.co.uk/wp-content/themes/popcorn/js/popcornsearch.js?ver=6.1	Malware
2022-11-08	2	superliving.co.uk/wp-content/plugins/elementor/assets/css/frontend-legacy.m (...)	Malware
2022-11-08	2	superliving.co.uk/wp-content/plugins/contact-form-7/includes/swv/js/index.j (...)	Malware
2022-11-08	2	superliving.co.uk/wp-content/plugins/essential-addons-for-elementor-lite/as (...)	Malware
2022-11-08	2	superliving.co.uk/wp-content/themes/popcorn/js/popcornnav.js?ver=6.1	Malware

Scan Date	Severity	Indicator	Comment
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed

Scan Date	Severity	Indicator	Comment
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed
2022-11-08	2	superliving.co.uk	Sinkholed

Date	UQ / IDS / BL	URL	IP
2022-11-08 21:29:30 +0000	0 - 0 - 56	superliving.co.uk/tuae/index.php?e=qbot.zip	194.1.147.89

Date	UQ / IDS / BL	URL	IP
2023-01-17 02:58:02 +0000	0 - 1 - 0	www.florenceah.com/	194.1.147.92
2023-01-14 01:49:32 +0000	0 - 0 - 6	blogdecachorros.com/caes-com-baixa-manutencao/	194.1.147.50
2023-01-13 20:18:26 +0000	0 - 2 - 2	cancatseat.com/turkey/	194.1.147.24
2023-01-09 12:44:31 +0000	0 - 0 - 3	nordictb.com/wp-admin/m/mkbssl/eaa1da31f79917 (...)	194.1.147.69
2023-01-08 12:20:40 +0000	0 - 1 - 0	waiuku.school.nz/contact-us/	194.1.147.14

Date	UQ / IDS / BL	URL	IP
2022-11-19 19:12:22 +0000	0 - 0 - 34	superliving.co.uk/tuae/index.php?e=qbot.zip	194.1.147.66
2022-11-08 21:29:30 +0000	0 - 0 - 56	superliving.co.uk/tuae/index.php?e=qbot.zip	194.1.147.89
2022-11-06 18:40:02 +0000	0 - 0 - 4	superliving.co.uk/tuae/index.php?e=qbot.zip	199.188.206.73
2022-11-04 20:34:36 +0000	0 - 0 - 6	superliving.co.uk/tuae/index.php?e=qbot.zip	199.188.206.73

Date	UQ / IDS / BL	URL	IP
2022-11-19 19:12:22 +0000	0 - 0 - 34	superliving.co.uk/tuae/index.php?e=qbot.zip	194.1.147.66

Request	Response
GET /tuae/index.php?e=qbot.zip HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: superliving.co.uk/tuae/index.php?e=qbot.zip FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982 194.1.147.66 HTTP/1.1 301 Moved Permanently Content-Type: text/html Date: Tue, 08 Nov 2022 21:29:17 GMT Content-Length: 707 Connection: keep-alive location: https://superliving.co.uk/tuae/index.php?e=qbot.zip vary: Accept-Encoding,Origin wpx: 1 x-turbo-charged-by: LiteSpeed X-Edge-Location: WPX CLOUD/NOR01 Server: WPX CLOUD/NOR01 X-Cache-Status: BYPASS --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators Size: 707 Md5: 1304294c0823ca486542ba408ed761e3 Sha1: b2a70fb2d810ca13985882e6981f33998823e83e Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982 Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB" Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5529 Expires: Tue, 08 Nov 2022 23:01:26 GMT Date: Tue, 08 Nov 2022 21:29:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c7a8ba48383a0e56baca8c8c41b81a04 Sha1: b04c1f1e730a71f17ff639c9db697c532d4e5421 Sha256: 7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4577 Cache-Control: max-age=137891 Date: Tue, 08 Nov 2022 21:29:17 GMT Etag: "636a2fef-1d7" Expires: Thu, 10 Nov 2022 11:47:28 GMT Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT Server: ECS (ska/F719) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 7908acd0c083145e2b454aaeb063c236 Sha1: 0696647bb0a4118327f637a50ebcc21bac39d592 Sha256: ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37" Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12283 Expires: Wed, 09 Nov 2022 00:54:00 GMT Date: Tue, 08 Nov 2022 21:29:17 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 9a21dcd6794c5ba4178522096f695511 Sha1: d731cf49db5e048d0d820d5cee03417cdd8c1c7b Sha256: c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: 7GL0rx0XkfEy4JDQzyf72/iz/TTX0HMzGB9/6tanO37U43GygMSuQPlLI6HzQJJ7qq39b7cuUOk= x-amz-request-id: CYAGFVH6ZXZ4K4S8 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 08 Nov 2022 21:11:27 GMT age: 1070 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 67d5a988edcda47bc3b3b3f65d32b4b6 Sha1: d4f0e0da8b3690cc7da925026d3414b68c7d954f Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 08 Nov 2022 21:29:17 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 5d5d2d9aeff2e5ac8e37e53ba7c13c29150fad1a85d9cba22bbee09e61ec8ccd 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5D5D2D9AEFF2E5AC8E37E53BA7C13C29150FAD1A85D9CBA22BBEE09E61EC8CCD" Last-Modified: Mon, 07 Nov 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21541 Expires: Wed, 09 Nov 2022 03:28:19 GMT Date: Tue, 08 Nov 2022 21:29:18 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 014c4b448d350a805ff59c106ec3d581 Sha1: 1efd69f2392d4202400f7dccd9d6d41fa780776f Sha256: 5d5d2d9aeff2e5ac8e37e53ba7c13c29150fad1a85d9cba22bbee09e61ec8ccd
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3847 Cache-Control: max-age=132095 Date: Tue, 08 Nov 2022 21:29:18 GMT Etag: "636a1c26-1d7" Expires: Thu, 10 Nov 2022 10:10:53 GMT Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT Server: ECS (ska/F719) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 2a47d129a3af5f02c654faf925c60273 Sha1: 9ad27ed9f4500c939260a677c12e702599b00fa9 Sha256: 0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Htf9yhwsNA3BGw7m2Mx/eg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 35.162.217.251 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 35.162.217.251 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: ZORcvDbd5nF07ZIEVTAuDiQa5t4= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tuae/index.php?e=qbot.zip HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: superliving.co.uk/tuae/index.php?e=qbot.zip FQDN: superliving.co.uk IP: 194.1.147.66 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 194.1.147.66 HTTP/2 301 Moved Permanently content-type: text/html; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:19 GMT content-length: 0 expires: Tue, 08 Nov 2022 22:29:19 GMT cache-control: max-age=3600 x-redirect-by: WordPress location: https://superliving.co.uk/tuae/?e=qbot.zip vary: Accept-Encoding,Origin wpx: 1 x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: BYPASS X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B" Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12425 Expires: Wed, 09 Nov 2022 00:56:24 GMT Date: Tue, 08 Nov 2022 21:29:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4599ea4ab89bca0461dfc4e86cf90610 Sha1: d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a Sha256: 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B" Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12425 Expires: Wed, 09 Nov 2022 00:56:24 GMT Date: Tue, 08 Nov 2022 21:29:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4599ea4ab89bca0461dfc4e86cf90610 Sha1: d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a Sha256: 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B" Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12425 Expires: Wed, 09 Nov 2022 00:56:24 GMT Date: Tue, 08 Nov 2022 21:29:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4599ea4ab89bca0461dfc4e86cf90610 Sha1: d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a Sha256: 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B" Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12425 Expires: Wed, 09 Nov 2022 00:56:24 GMT Date: Tue, 08 Nov 2022 21:29:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4599ea4ab89bca0461dfc4e86cf90610 Sha1: d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a Sha256: 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B" Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12425 Expires: Wed, 09 Nov 2022 00:56:24 GMT Date: Tue, 08 Nov 2022 21:29:19 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4599ea4ab89bca0461dfc4e86cf90610 Sha1: d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a Sha256: 6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4737 x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bQBFkEhLIAMFq_g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0 x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google date: Mon, 07 Nov 2022 21:49:14 GMT age: 85205 etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4737 Md5: 39446652ee66d20bd73df20f1a29589c Sha1: 349ea78f3ad0f2f7376ba22e417226b2e06806d7 Sha256: 655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10781 x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bQAwTF2cIAMF0DQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0 x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: yfT-BN4Codmr6J5v6xIIIpOG5EaHI1xnOqineRxdeQ3VJ_MmujMZew== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google date: Mon, 07 Nov 2022 21:42:38 GMT age: 85601 etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10781 Md5: 4ff4c1be0934222258267f7595f2ecde Sha1: 5d51855ed7cc6f8cac53eef1730212eb70b28036 Sha256: 49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10462 x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: aMF6oEz_oAMF8Hg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0 x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google date: Tue, 08 Nov 2022 06:28:01 GMT age: 54078 etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10462 Md5: 4e2853cc6ec6223160471401e6871f4b Sha1: f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c Sha256: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 9576f9ad95c958887de953dee72b267cd0ed7293ed62fb540df76a2d49fac035 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4527 x-amzn-requestid: c3be9447-c43a-48d6-9aef-c0999742886c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bQA1GFN5IAMFaRw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63697b53-3bb315de52dcf6114da9ad05;Sampled=0 x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:35 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: _nFA59k8ERwiA6Ct_pZJs0WkFuagosyyiOkeQc1PuWMcno-Lpz4UfA== via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google date: Mon, 07 Nov 2022 21:42:39 GMT etag: "f7ae1b83a0199b76dd0d31a21db4072b867e4f37" age: 85600 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4527 Md5: 7884b85a4b30e918a0b44f73a301a78b Sha1: f7ae1b83a0199b76dd0d31a21db4072b867e4f37 Sha256: 9576f9ad95c958887de953dee72b267cd0ed7293ed62fb540df76a2d49fac035
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b21622ee7e858a4508096480ec3ffba824e96d469b0fcfa0f6daaabad296fd40 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12165 x-amzn-requestid: 7baae03c-2e22-477c-9c14-d21a26469b47 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bQAvEFHdIAMF_XQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63697b2d-2edb1d9722872b1166a5b085;Sampled=0 x-amzn-remapped-date: Mon, 07 Nov 2022 21:39:57 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 1QlljbC_YBobvvYSxTH2jH4a4kZAK8Am-k6CNxJrLIm1TY1gbfP1gg== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google date: Mon, 07 Nov 2022 21:42:40 GMT age: 85599 etag: "6f246d25b36dc880489f3af2ae8767a0f5f2542b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12165 Md5: 37802736d42529da1237e5d89e253928 Sha1: 6f246d25b36dc880489f3af2ae8767a0f5f2542b Sha256: b21622ee7e858a4508096480ec3ffba824e96d469b0fcfa0f6daaabad296fd40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 2263e6c2417c5a40885359d93939febbb9e94cef1c598b7ef95069d50275bf28 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5978 x-amzn-requestid: e4cff3d7-86a7-44a8-8858-7c893c19e76c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bQAVFHdWIAMFQZg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63697a86-60d1a8250e0017a3574a6642;Sampled=0 x-amzn-remapped-date: Mon, 07 Nov 2022 21:37:10 GMT x-amz-cf-pop: SEA19-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: qSguV2gfEtxsoWSMifxQEbIAAqhUDgVom0IWauJEIrFoMA5f17J-GA== via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google date: Mon, 07 Nov 2022 21:42:26 GMT age: 85613 etag: "8e549621e4182a257895a03db93e786bd86072a5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5978 Md5: d22d633d497f2e25eab580a648c05434 Sha1: 8e549621e4182a257895a03db93e786bd86072a5 Sha256: 2263e6c2417c5a40885359d93939febbb9e94cef1c598b7ef95069d50275bf28
GET /wp-content/themes/popcorn/css/main.css?ver=1.1.2b HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/themes/popcorn/css/main.cs (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: fd61dd607c4d030c3b20d45d4e2ffdc00deffd52fb6472cf2d021830245b3241 194.1.147.66 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 3195 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Tue, 08 Nov 2022 05:24:21 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 3195 Md5: c51459eac53ec2441641d5cd779794de Sha1: eabf493e5316e363fa2c6099c6975c1afb2b6ef4 Sha256: fd61dd607c4d030c3b20d45d4e2ffdc00deffd52fb6472cf2d021830245b3241 Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /tuae/?e=qbot.zip HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers	URL: superliving.co.uk/tuae/?e=qbot.zip FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 83ced6b87f1f4b6af4faec37880cc0719554ff9108647e535bedf7d8340e4d0c 194.1.147.66 HTTP/2 404 Not Found content-type: text/html; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT expires: Wed, 11 Jan 1984 05:00:00 GMT cache-control: no-cache, must-revalidate, max-age=0 link: <https://superliving.co.uk/wp-json/>; rel="https://api.w.org/" content-encoding: br vary: Accept-Encoding,Origin wpx: 1 x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11272) Size: 10750 Md5: 35f1f2b94d4ecfa9813f745c232fd302 Sha1: 4c19755f822dbebc394479207c5b4464dbd2f71b Sha256: 83ced6b87f1f4b6af4faec37880cc0719554ff9108647e535bedf7d8340e4d0c Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-includes/css/dist/block-library/st (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: e274dc85b6107cb6054dbee83ddb1e3dda3162ca8f93b16b2d692a451cf9511d 194.1.147.66 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 11601 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Mon, 07 Nov 2022 10:34:53 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (47826) Size: 11601 Md5: 3f7f7fa954242b63cf5127c14417c6e5 Sha1: 712c7c9ea049d297e3fb27d3c805be5c5867c4d4 Sha256: e274dc85b6107cb6054dbee83ddb1e3dda3162ca8f93b16b2d692a451cf9511d Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/themes/popcorn/fonts/fa-minimal/style.css?ver=6.1 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/themes/popcorn/fonts/fa-mi (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 6dbcbd540a43bc954816b375e1215264f64c756c79a176b1d116a4d23b409a03 194.1.147.66 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 1132 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Tue, 08 Nov 2022 05:24:21 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 1132 Md5: 3154b610f0d4d02b6786da77339da8e0 Sha1: bb1a7200f86204fd747dbf0f4d03c886eb994e77 Sha256: 6dbcbd540a43bc954816b375e1215264f64c756c79a176b1d116a4d23b409a03 Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/themes/popcorn/css/util.css?ver=1.1.2b HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/themes/popcorn/css/util.cs (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 9d6ac6b427848874003e4bbea0fdd5f8df10c598036fcd0585fdb95ff444f919 194.1.147.66 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 794 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Tue, 08 Nov 2022 05:24:21 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 794 Md5: 5b31fb8b209a50ddea7aa90a9be345c8 Sha1: 27bece94057eac4a0e538bac423de478d6e03c9a Sha256: 9d6ac6b427848874003e4bbea0fdd5f8df10c598036fcd0585fdb95ff444f919 Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/plugins/essential-addons-f (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: f33030c0a254c90f0fc701442b0468c882d105c44f20923696747cc09e7709cd 194.1.147.66 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 708 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Mon, 07 Nov 2022 10:37:34 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (3432) Size: 708 Md5: f3ca6b9879df2ed966ae1150f3353baa Sha1: 03c9aa5c941faad5f1efb4aa66ff623220f697ab Sha256: f33030c0a254c90f0fc701442b0468c882d105c44f20923696747cc09e7709cd Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-includes/js/jquery/jquery-migrate. (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1 194.1.147.66 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 3995 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Mon, 07 Nov 2022 10:35:17 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (11126) Size: 3995 Md5: 7e058b51f939eacfa31cdface14dded5 Sha1: 9d732e5afdeb42edef9e1b9631b7e95e054787cc Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1 Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/plugins/contact-form-7/inc (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d 194.1.147.66 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 3706 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Tue, 08 Nov 2022 07:42:57 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (12310), with no line terminators Size: 3706 Md5: dc6411bfa6891b75944f0074c945752d Sha1: 03c1a8b686c287068c61ab90f58d905496d65085 Sha256: 96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/themes/popcorn/js/popcornsearch.js?ver=6.1 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/themes/popcorn/js/popcorns (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 1564940489f446426ab0f3d2c2f6e4bbb6a72556f090efbc5cc5b45412c56991 194.1.147.66 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 322 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Tue, 08 Nov 2022 05:24:21 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 322 Md5: 3130376714fa2c030cc5fbb9459d6698 Sha1: 9e7bb5105e066cd79de12c376caef4d3e754dd6b Sha256: 1564940489f446426ab0f3d2c2f6e4bbb6a72556f090efbc5cc5b45412c56991 Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.8.0 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/plugins/elementor/assets/c (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 1f8f006be8408188d5a4e046a782eff82847eba49a3948e17fc3299ea8aa484b 194.1.147.66 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 741 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Mon, 07 Nov 2022 10:36:52 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (13766) Size: 741 Md5: db566adedd989d74f2014fcfa86029d4 Sha1: 47f13cb67686182dcd1ca098273474c1f63a7648 Sha256: 1f8f006be8408188d5a4e046a782eff82847eba49a3948e17fc3299ea8aa484b Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/uploads/2021/01/cropped-cropped-superliving-4.gif HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/uploads/2021/01/cropped-cr (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 7321169d88462cdf5f272d8b3436350a7faaa371ad63ee35d351ba7581d08bb2 194.1.147.66 HTTP/2 200 OK content-type: image/gif date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 5368 cache-control: public, max-age=10368000,public expires: Wed, 08 Mar 2023 21:29:20 GMT last-modified: Mon, 15 Aug 2022 14:58:31 GMT vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 87a, 290 x 52\012- data Size: 5368 Md5: 4621f421b578848c4f948dad37946074 Sha1: aaa2aa72b105b8ba6c443aa4fb823347f7efd6eb Sha256: 7321169d88462cdf5f272d8b3436350a7faaa371ad63ee35d351ba7581d08bb2 Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/plugins/contact-form-7/inc (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d 194.1.147.66 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 2817 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Tue, 08 Nov 2022 07:42:57 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (9937), with no line terminators Size: 2817 Md5: 4317b1c024df372435f6482deadddeb3 Sha1: 5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5 Sha256: 3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/plugins/essential-addons-f (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: c58c19b04900fc0cadf8f7f8ad6da45e381e7bd5872fb64e8ede1b316d77b58f 194.1.147.66 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 2660 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Mon, 07 Nov 2022 10:37:36 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (8014), with no line terminators Size: 2660 Md5: 4260ecd7b11c8b2261939504401ec355 Sha1: f0e4955a2e1e589891a198d7e1508a96013ff9e1 Sha256: c58c19b04900fc0cadf8f7f8ad6da45e381e7bd5872fb64e8ede1b316d77b58f Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/themes/popcorn/js/popcornnav.js?ver=6.1 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/themes/popcorn/js/popcornn (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 0c6eace2072999b2d656ed144c5fdd9c2e3532e8f619aeeac6efb112714ca0cd 194.1.147.66 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 96 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Tue, 08 Nov 2022 05:24:21 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 96 Md5: d51dc92fe8d60e86a079a6c918cc3c8e Sha1: 4c2510cfe17f72d0e139fae479297e6605270e28 Sha256: 0c6eace2072999b2d656ed144c5fdd9c2e3532e8f619aeeac6efb112714ca0cd Alerts: Blocklists: - fortinet: Malware - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.0 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/plugins/elementor/assets/c (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: dc05465601ddab95dcfd58747074a3e84f145423650f49e7296715477974c24d 194.1.147.66 HTTP/2 200 OK content-type: text/css; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 18162 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Mon, 07 Nov 2022 10:36:52 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65497) Size: 18162 Md5: ee4463ac468ee39eea8ff0e5570e3e1d Sha1: e9dc451292b5726122f0cc9646aed0c675feff50 Sha256: dc05465601ddab95dcfd58747074a3e84f145423650f49e7296715477974c24d Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-includes/js/jquery/jquery.min.js?v (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef 194.1.147.66 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 30324 cache-control: public, max-age=31536000,public expires: Wed, 08 Nov 2023 21:29:20 GMT last-modified: Mon, 07 Nov 2022 10:35:17 GMT content-encoding: br vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65447) Size: 30324 Md5: 3a1740685bd5c0bbd5f2b812e1eb7fb4 Sha1: 488e07695da787fed18361c50292aef35abb5e81 Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/themes/popcorn/img/cat-popcorn.jpg HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/themes/popcorn/img/cat-pop (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 3d8fc2c96a4ba0fec3213e93c5b8759d06adf0fb6612bdd75cff5fad7329d9d8 194.1.147.66 HTTP/2 200 OK content-type: image/jpeg date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 62826 cache-control: public, max-age=10368000,public expires: Wed, 08 Mar 2023 21:29:20 GMT last-modified: Tue, 08 Nov 2022 05:24:21 GMT vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x675, components 3\012- data Size: 62826 Md5: 86118be7041c365320094d37fef0144f Sha1: 3afb1827dca805f87a2bad67d7203d989b521fbd Sha256: 3d8fc2c96a4ba0fec3213e93c5b8759d06adf0fb6612bdd75cff5fad7329d9d8 Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/themes/popcorn/img/search-icon.png HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/themes/popcorn/img/search- (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 873f79f87fad0c56389cb5d813acfd5e0a58dc95a66c4e54f9f1e853cd9de5f4 194.1.147.66 HTTP/2 200 OK content-type: image/png date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 598 cache-control: public, max-age=10368000,public expires: Wed, 08 Mar 2023 21:29:20 GMT last-modified: Tue, 08 Nov 2022 05:24:21 GMT vary: Accept-Encoding,Origin wpx: 1 x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 18 x 19, 8-bit colormap, non-interlaced\012- data Size: 598 Md5: 41e5308653cd822e89bf4c70a3368ca7 Sha1: a0c8c414a66b14528db89005965c73a23da69443 Sha256: 873f79f87fad0c56389cb5d813acfd5e0a58dc95a66c4e54f9f1e853cd9de5f4 Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/uploads/2021/01/cropped-superliving-2.gif HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/uploads/2021/01/cropped-su (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 546fbf5b6ba7f42a9759855faf63440146c833110d3427adda485bbc61c36527 194.1.147.66 HTTP/2 200 OK content-type: image/gif date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 8890 cache-control: public, max-age=10368000,public expires: Wed, 08 Mar 2023 21:29:20 GMT last-modified: Mon, 15 Aug 2022 15:05:17 GMT vary: Accept-Encoding,Origin wpx: 1 x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 87a, 475 x 86\012- data Size: 8890 Md5: f34d97373cbd7b90217fc29eebe7c4e9 Sha1: 57a8ea515b12fc9bd424d47061459133ce8285e3 Sha256: 546fbf5b6ba7f42a9759855faf63440146c833110d3427adda485bbc61c36527 Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/uploads/2021/01/cropped-superliving-3-32x32.gif HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/uploads/2021/01/cropped-su (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 99a5fac2a51716ecbd324237da8b057fc18a30176f8e1df2a985523ad3afd6cb 194.1.147.66 HTTP/2 200 OK content-type: image/gif date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 903 cache-control: public, max-age=10368000,public expires: Wed, 08 Mar 2023 21:29:20 GMT last-modified: Mon, 15 Aug 2022 15:00:27 GMT vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 87a, 32 x 32\012- data Size: 903 Md5: b7c1a622688075bd5ebd1472fb292bf7 Sha1: 4ccdf1c8c993005e3f2c475d50867bc13d69c450 Sha256: 99a5fac2a51716ecbd324237da8b057fc18a30176f8e1df2a985523ad3afd6cb Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /wp-content/uploads/2021/01/cropped-superliving-3-192x192.gif HTTP/1.1 Host: superliving.co.uk User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://superliving.co.uk/tuae/?e=qbot.zip Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: superliving.co.uk/wp-content/uploads/2021/01/cropped-su (...) FQDN: superliving.co.uk IP: 194.1.147.66 HASH: 967173223ec8b59bd8c046db49e9ab0db898753f932d1bc6661fccab306d7855 194.1.147.66 HTTP/2 200 OK content-type: image/gif date: Tue, 08 Nov 2022 21:29:20 GMT content-length: 11260 cache-control: public, max-age=10368000,public expires: Wed, 08 Mar 2023 21:29:20 GMT last-modified: Tue, 27 Apr 2021 22:45:41 GMT vary: Accept-Encoding,Origin wpx: 1 alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 192 x 192\012- data Size: 11260 Md5: a028347b5831942c2f690d3814e5c189 Sha1: 9ec24504b077b7d7ddc93318b6772a781c8ca81d Sha256: 967173223ec8b59bd8c046db49e9ab0db898753f932d1bc6661fccab306d7855 Alerts: Blocklists: - mnemonic_dns: Sinkholed - quad9: Sinkholed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02ba851a-86f3-43b7-8371-24e96a151dec.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 544bb499e28cc9d1e0bffccacf74411bbe7186959d9f1ba54edbd167935b9055 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7442 x-amzn-requestid: f8fedc67-c5ed-41b5-a384-6d45596197fb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bKusfEbxoAMF67Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63675e4f-1459fdf653f4ee6f3dda084f;Sampled=0 x-amzn-remapped-date: Sun, 06 Nov 2022 07:12:15 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 8Sq8nD9sNRWeMedFxLrUEnILqEPv0Fr09OAkze6_Polg99dAXI4eiw== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google date: Tue, 08 Nov 2022 04:07:31 GMT age: 62515 etag: "8bb15829bec5bbded9b864e73d8fbf1059cd4afc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7442 Md5: 36a5fcfdd58558031f15af5d13ebe21f Sha1: 8bb15829bec5bbded9b864e73d8fbf1059cd4afc Sha256: 544bb499e28cc9d1e0bffccacf74411bbe7186959d9f1ba54edbd167935b9055

                                        
                                            GET /tuae/index.php?e=qbot.zip HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         194.1.147.66

                                        
                                            HTTP/1.1 301 Moved Permanently 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Date: Tue, 08 Nov 2022 21:29:17 GMT 

                                        
                                            
Content-Length: 707 

                                        
                                            
Connection: keep-alive 

                                        
                                            
location: https://superliving.co.uk/tuae/index.php?e=qbot.zip 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
X-Edge-Location: WPX CLOUD/NOR01 

                                        
                                            
Server: WPX CLOUD/NOR01 

                                        
                                            
X-Cache-Status: BYPASS 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators

                                                Size:   707

                                                Md5:    1304294c0823ca486542ba408ed761e3

                                                Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e

                                                Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /tuae/index.php?e=qbot.zip HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1

                                         194.1.147.66

                                        
                                            HTTP/2 301 Moved Permanently 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:19 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
expires: Tue, 08 Nov 2022 22:29:19 GMT 

                                        
                                            
cache-control: max-age=3600 

                                        
                                            
x-redirect-by: WordPress 

                                        
                                            
location: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: BYPASS 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/themes/popcorn/css/main.css?ver=1.1.2b HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 3195 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Tue, 08 Nov 2022 05:24:21 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   3195

                                                Md5:    c51459eac53ec2441641d5cd779794de

                                                Sha1:   eabf493e5316e363fa2c6099c6975c1afb2b6ef4

                                                Sha256: fd61dd607c4d030c3b20d45d4e2ffdc00deffd52fb6472cf2d021830245b3241

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /tuae/?e=qbot.zip HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 404 Not Found 

                                        
                                            
content-type: text/html; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
expires: Wed, 11 Jan 1984 05:00:00 GMT 

                                        
                                            
cache-control: no-cache, must-revalidate, max-age=0 

                                        
                                            
link: <https://superliving.co.uk/wp-json/>; rel="https://api.w.org/" 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11272)

                                                Size:   10750

                                                Md5:    35f1f2b94d4ecfa9813f745c232fd302

                                                Sha1:   4c19755f822dbebc394479207c5b4464dbd2f71b

                                                Sha256: 83ced6b87f1f4b6af4faec37880cc0719554ff9108647e535bedf7d8340e4d0c

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 11601 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Mon, 07 Nov 2022 10:34:53 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (47826)

                                                Size:   11601

                                                Md5:    3f7f7fa954242b63cf5127c14417c6e5

                                                Sha1:   712c7c9ea049d297e3fb27d3c805be5c5867c4d4

                                                Sha256: e274dc85b6107cb6054dbee83ddb1e3dda3162ca8f93b16b2d692a451cf9511d

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/themes/popcorn/fonts/fa-minimal/style.css?ver=6.1 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 1132 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Tue, 08 Nov 2022 05:24:21 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   1132

                                                Md5:    3154b610f0d4d02b6786da77339da8e0

                                                Sha1:   bb1a7200f86204fd747dbf0f4d03c886eb994e77

                                                Sha256: 6dbcbd540a43bc954816b375e1215264f64c756c79a176b1d116a4d23b409a03

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/themes/popcorn/css/util.css?ver=1.1.2b HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 794 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Tue, 08 Nov 2022 05:24:21 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   794

                                                Md5:    5b31fb8b209a50ddea7aa90a9be345c8

                                                Sha1:   27bece94057eac4a0e538bac423de478d6e03c9a

                                                Sha256: 9d6ac6b427848874003e4bbea0fdd5f8df10c598036fcd0585fdb95ff444f919

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.2 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 708 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Mon, 07 Nov 2022 10:37:34 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (3432)

                                                Size:   708

                                                Md5:    f3ca6b9879df2ed966ae1150f3353baa

                                                Sha1:   03c9aa5c941faad5f1efb4aa66ff623220f697ab

                                                Sha256: f33030c0a254c90f0fc701442b0468c882d105c44f20923696747cc09e7709cd

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 3995 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Mon, 07 Nov 2022 10:35:17 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (11126)

                                                Size:   3995

                                                Md5:    7e058b51f939eacfa31cdface14dded5

                                                Sha1:   9d732e5afdeb42edef9e1b9631b7e95e054787cc

                                                Sha256: 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 3706 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Tue, 08 Nov 2022 07:42:57 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with very long lines (12310), with no line terminators

                                                Size:   3706

                                                Md5:    dc6411bfa6891b75944f0074c945752d

                                                Sha1:   03c1a8b686c287068c61ab90f58d905496d65085

                                                Sha256: 96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/themes/popcorn/js/popcornsearch.js?ver=6.1 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 322 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Tue, 08 Nov 2022 05:24:21 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   322

                                                Md5:    3130376714fa2c030cc5fbb9459d6698

                                                Sha1:   9e7bb5105e066cd79de12c376caef4d3e754dd6b

                                                Sha256: 1564940489f446426ab0f3d2c2f6e4bbb6a72556f090efbc5cc5b45412c56991

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.8.0 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 741 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Mon, 07 Nov 2022 10:36:52 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (13766)

                                                Size:   741

                                                Md5:    db566adedd989d74f2014fcfa86029d4

                                                Sha1:   47f13cb67686182dcd1ca098273474c1f63a7648

                                                Sha256: 1f8f006be8408188d5a4e046a782eff82847eba49a3948e17fc3299ea8aa484b

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/uploads/2021/01/cropped-cropped-superliving-4.gif HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 5368 

                                        
                                            
cache-control: public, max-age=10368000,public 

                                        
                                            
expires: Wed, 08 Mar 2023 21:29:20 GMT 

                                        
                                            
last-modified: Mon, 15 Aug 2022 14:58:31 GMT 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 87a, 290 x 52\012- data

                                                Size:   5368

                                                Md5:    4621f421b578848c4f948dad37946074

                                                Sha1:   aaa2aa72b105b8ba6c443aa4fb823347f7efd6eb

                                                Sha256: 7321169d88462cdf5f272d8b3436350a7faaa371ad63ee35d351ba7581d08bb2

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 2817 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Tue, 08 Nov 2022 07:42:57 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (9937), with no line terminators

                                                Size:   2817

                                                Md5:    4317b1c024df372435f6482deadddeb3

                                                Sha1:   5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5

                                                Sha256: 3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.2 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 2660 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Mon, 07 Nov 2022 10:37:36 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (8014), with no line terminators

                                                Size:   2660

                                                Md5:    4260ecd7b11c8b2261939504401ec355

                                                Sha1:   f0e4955a2e1e589891a198d7e1508a96013ff9e1

                                                Sha256: c58c19b04900fc0cadf8f7f8ad6da45e381e7bd5872fb64e8ede1b316d77b58f

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/themes/popcorn/js/popcornnav.js?ver=6.1 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 96 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Tue, 08 Nov 2022 05:24:21 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   96

                                                Md5:    d51dc92fe8d60e86a079a6c918cc3c8e

                                                Sha1:   4c2510cfe17f72d0e139fae479297e6605270e28

                                                Sha256: 0c6eace2072999b2d656ed144c5fdd9c2e3532e8f619aeeac6efb112714ca0cd

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Malware

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.8.0 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 18162 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Mon, 07 Nov 2022 10:36:52 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65497)

                                                Size:   18162

                                                Md5:    ee4463ac468ee39eea8ff0e5570e3e1d

                                                Sha1:   e9dc451292b5726122f0cc9646aed0c675feff50

                                                Sha256: dc05465601ddab95dcfd58747074a3e84f145423650f49e7296715477974c24d

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 30324 

                                        
                                            
cache-control: public, max-age=31536000,public 

                                        
                                            
expires: Wed, 08 Nov 2023 21:29:20 GMT 

                                        
                                            
last-modified: Mon, 07 Nov 2022 10:35:17 GMT 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65447)

                                                Size:   30324

                                                Md5:    3a1740685bd5c0bbd5f2b812e1eb7fb4

                                                Sha1:   488e07695da787fed18361c50292aef35abb5e81

                                                Sha256: 4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/themes/popcorn/img/cat-popcorn.jpg HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 62826 

                                        
                                            
cache-control: public, max-age=10368000,public 

                                        
                                            
expires: Wed, 08 Mar 2023 21:29:20 GMT 

                                        
                                            
last-modified: Tue, 08 Nov 2022 05:24:21 GMT 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x675, components 3\012- data

                                                Size:   62826

                                                Md5:    86118be7041c365320094d37fef0144f

                                                Sha1:   3afb1827dca805f87a2bad67d7203d989b521fbd

                                                Sha256: 3d8fc2c96a4ba0fec3213e93c5b8759d06adf0fb6612bdd75cff5fad7329d9d8

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/themes/popcorn/img/search-icon.png HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 598 

                                        
                                            
cache-control: public, max-age=10368000,public 

                                        
                                            
expires: Wed, 08 Mar 2023 21:29:20 GMT 

                                        
                                            
last-modified: Tue, 08 Nov 2022 05:24:21 GMT 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 18 x 19, 8-bit colormap, non-interlaced\012- data

                                                Size:   598

                                                Md5:    41e5308653cd822e89bf4c70a3368ca7

                                                Sha1:   a0c8c414a66b14528db89005965c73a23da69443

                                                Sha256: 873f79f87fad0c56389cb5d813acfd5e0a58dc95a66c4e54f9f1e853cd9de5f4

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/uploads/2021/01/cropped-superliving-2.gif HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 8890 

                                        
                                            
cache-control: public, max-age=10368000,public 

                                        
                                            
expires: Wed, 08 Mar 2023 21:29:20 GMT 

                                        
                                            
last-modified: Mon, 15 Aug 2022 15:05:17 GMT 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 87a, 475 x 86\012- data

                                                Size:   8890

                                                Md5:    f34d97373cbd7b90217fc29eebe7c4e9

                                                Sha1:   57a8ea515b12fc9bd424d47061459133ce8285e3

                                                Sha256: 546fbf5b6ba7f42a9759855faf63440146c833110d3427adda485bbc61c36527

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/uploads/2021/01/cropped-superliving-3-32x32.gif HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 903 

                                        
                                            
cache-control: public, max-age=10368000,public 

                                        
                                            
expires: Wed, 08 Mar 2023 21:29:20 GMT 

                                        
                                            
last-modified: Mon, 15 Aug 2022 15:00:27 GMT 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 87a, 32 x 32\012- data

                                                Size:   903

                                                Md5:    b7c1a622688075bd5ebd1472fb292bf7

                                                Sha1:   4ccdf1c8c993005e3f2c475d50867bc13d69c450

                                                Sha256: 99a5fac2a51716ecbd324237da8b057fc18a30176f8e1df2a985523ad3afd6cb

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

                                        
                                            GET /wp-content/uploads/2021/01/cropped-superliving-3-192x192.gif HTTP/1.1 

                                        
                                            
Host: superliving.co.uk

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://superliving.co.uk/tuae/?e=qbot.zip 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         194.1.147.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif

                                        

                                        
                                            
date: Tue, 08 Nov 2022 21:29:20 GMT 

                                        
                                            
content-length: 11260 

                                        
                                            
cache-control: public, max-age=10368000,public 

                                        
                                            
expires: Wed, 08 Mar 2023 21:29:20 GMT 

                                        
                                            
last-modified: Tue, 27 Apr 2021 22:45:41 GMT 

                                        
                                            
vary: Accept-Encoding,Origin 

                                        
                                            
wpx: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" 

                                        
                                            
x-turbo-charged-by: LiteSpeed 

                                        
                                            
x-edge-location: WPX CLOUD/NOR01 

                                        
                                            
server: WPX CLOUD/NOR01 

                                        
                                            
x-cache-status: MISS 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 192 x 192\012- data

                                                Size:   11260

                                                Md5:    a028347b5831942c2f690d3814e5c189

                                                Sha1:   9ec24504b077b7d7ddc93318b6772a781c8ca81d

                                                Sha256: 967173223ec8b59bd8c046db49e9ab0db898753f932d1bc6661fccab306d7855

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - mnemonic_dns: Sinkholed

                                                    
                                                            - quad9: Sinkholed

URL	superliving.co.uk/tuae/index.php?e=qbot.zip
IP	194.1.147.89 (United States)
ASN	#210250 K Media Tech Ltd.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-08 21:29:30 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	56
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (7)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 194.1.147.89

Last 5 reports on ASN: K Media Tech Ltd.

Last 4 reports on domain: superliving.co.uk

Last 1 reports with similar screenshot

JavaScript

Executed Scripts (12)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (43)

Overview

Domain Summary (7)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 194.1.147.89

Last 5 reports on ASN: K Media Tech Ltd.

Last 4 reports on domain: superliving.co.uk

Last 1 reports with similar screenshot

JavaScript

Executed Scripts (12)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (43)

Network Intrusion Detection Systems