a.uq32.xyz/images/lp3.png
172.67.189.184 200 OK 121 kB URL GET HTTP/3 a.uq32.xyz/images/lp3.png
IP 172.67.189.184:443
Certificate Issuer Google Trust Services LLC
Subject uq32.xyz
Fingerprint 33:FC:69:45:84:CC:A5:05:E8:E3:97:32:5F:F8:F8:DB:3A:0B:35:33
Validity Thu, 11 May 2023 14:16:52 GMT - Wed, 09 Aug 2023 14:16:51 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1280x1124, components 3\012- data
Size 121 kB (120553 bytes)
Hash 1740c50a73501b48e3eecf3977bc7f27
642ad1a7231754db235b8ae2bce1b155cff69b83
221743530bbc11aa3a852cdf2a048b8eee9b4a6bc39719a14edca14a52bf8029
GET /images/lp3.png HTTP/1.1
Host: a.uq32.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.uq32.xyz/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 May 2023 17:51:31 GMT
content-type: image/png
content-length: 120553
last-modified: Thu, 02 Mar 2023 09:13:46 GMT
etag: "640068ca-1d6e9"
expires: Sat, 24 Jun 2023 17:45:59 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0hHO%2F%2FSPLPSsedjjrbgIFueDcHkQiFtOcEBgaSfeKK46SmKy56HMUSU8WV025HpYfjWQFouX%2BnGysoQ4JR6pmFBkvdbB7k9VSdr6JKd3EnFgArUFRrx9ShazS%2Fm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccfa07e0dd0b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
URL User Request GET HTTP/2 IP 172.67.189.184:443
Certificate Issuer Google Trust Services LLC
Subject uq32.xyz
Fingerprint 33:FC:69:45:84:CC:A5:05:E8:E3:97:32:5F:F8:F8:DB:3A:0B:35:33
Validity Thu, 11 May 2023 14:16:52 GMT - Wed, 09 Aug 2023 14:16:51 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 55b53ec30210aa332172f54ebaf59845
74666e7a477049d8d7986109fe99d1c7718406a1
6da15bf3a4fec4e65df6fb55216870515b159b4a388cbf001be0b781a35f3de5
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: a.uq32.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.hg52.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 May 2023 17:51:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: loclang=en; expires=Fri, 26-May-2023 17:51:31 GMT; Max-Age=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTMwBMBj9mIWKrxl5KrCCE4ZtyRgYcpaN0BLmtygJ9LM3ZVB80Ia2nfkyXvv5UihKL4BjrWWdNSjIamScvXrhEslw4vaU41v6hQUHHG4UkPz2%2Fumt009PtSvUJQu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ccfa07cbe840b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-DJL7JFN301
142.250.74.168 200 OK 252 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-DJL7JFN301
IP 142.250.74.168:443
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
Validity Mon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with very long lines (5048)
Size 252 kB (252319 bytes)
Hash 6d9f8978806dbfe03ea0a86782144839
22cfc2234f8b590568c5242ef00fd71144a9dc37
158b8a1c5851659485154396334a4ddbcc85aa41da30abf906ac03c0328a641c
GET /gtag/js?id=G-DJL7JFN301 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.uq32.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 May 2023 17:51:31 GMT
expires: Thu, 25 May 2023 17:51:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
IP 172.67.189.184:443
Certificate Issuer Google Trust Services LLC
Subject uq32.xyz
Fingerprint 33:FC:69:45:84:CC:A5:05:E8:E3:97:32:5F:F8:F8:DB:3A:0B:35:33
Validity Thu, 11 May 2023 14:16:52 GMT - Wed, 09 Aug 2023 14:16:51 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 0439a6deac8f0641ff2dedfce65d0c71
7e8daa3dd92c102165ea1542299bf4f714cdcd8c
8c32b65b6b0a2b2d859ce9d8ea0d1f5a9456ce37b1e1311bc07ea114a26ecccb
GET /favicon.ico HTTP/1.1
Host: a.uq32.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.uq32.xyz/
Cookie: loclang=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 May 2023 17:51:31 GMT
content-type: text/html
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BeMyTzHsS8HpChnVPngca60W37VV85t%2BYWTLG4bYpwxBETsfvSMnFzzRujoO%2BzWEV8iorEUONVaGDyxImNfVhxFnAdbTeRVfi%2F8%2BCHYbb05QHveUn2tfFpQiEJX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ccfa07f0f9fb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400