| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha26d0784548ecab22f417f3d689daf23 8893b79366bbadeb5c8d587b8f023e310694df1c 35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8817
Expires: Wed, 21 Sep 2022 12:53:39 GMT
Date: Wed, 21 Sep 2022 10:26:42 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0e6d790f7df0dc80b639373023648485 874506cf83ffebce75d57c45ab97bd0a64249666 bdf86592b0c8c93a776e80853462c18aca45c624688c3f625a632f0f1109b9f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDF86592B0C8C93A776E80853462C18ACA45C624688C3F625A632F0F1109B9F9"
Last-Modified: Tue, 20 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12616
Expires: Wed, 21 Sep 2022 13:56:58 GMT
Date: Wed, 21 Sep 2022 10:26:42 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 143.204.55.25 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP143.204.55.25:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bJpEhtgxq7sUYSaXIFkRtmyMjoHTwbJ1wq9QH69u3KcfZ13Ut8Ehbg==
age: 21089
X-Firefox-Spdy: h2
|
|
| getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 | 34.120.5.221 | 200 OK | 40 kB |
URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 IP 34.120.5.221:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hashaa8bcaa9fdd7aca905b7ac3ff8876d70 1fe4f8912bd06c74736f78afff1fd1c62970e485 ab91a0784bc86d296bbf4d9c3a66a3a43bbefe65eee1d90f69006a705a1e301c
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: YOGV9w-UyNMMpdMeIaSsI0SXG4u4Ts0cTNprqwA-2u6Sm3hqbGfPPQ==
content-encoding: gzip
via: 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 10:22:51 GMT
age: 879
content-type: application/json
content-length: 39550
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| qflusa.com/ | 194.1.147.70 | 301 Moved Permanently | 0 B |
IP194.1.147.70:0 ASN#210250 K Media Tech Ltd.
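Hash (MD5 / SHA-1 / SHA-256) d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, matching the 0 B response; they identify no content and are not usable as indicators)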
| Analyzer: fortinet | Verdict: Phishing | Alert: (none listed) |
GET / HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 21 Sep 2022 10:26:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
x-powered-by: PHP/7.4.28
x-redirect-by: WordPress
location: https://qflusa.com/
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
X-Edge-Location: WPX CLOUD/AMS02
Server: WPX CLOUD/AMS02
X-Cache-Status: MISS
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.27 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.27:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 10:13:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GNwS6GwfZG-TOUZsrc1fdpuYD3vCMZ58fK1OL0QYmNMrwfOWItkTEA==
Age: 789
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 10:26:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.godaddy.com/ | 192.124.249.41 | 200 OK | 1.8 kB |
IP192.124.249.41:0
Hasha16620857ae9d6aa74b86311cf1a6872 d9bc585e755a6e515d0bf384bb47a1a2a65889ba 52770285d30e2f900921093fd5f2ad50cc3c91215cb1927bd0bbb8d4ab720f22
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 21 Sep 2022 10:26:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 20 Sep 2022 23:11:00 GMT
Expires: Wed, 21 Sep 2022 23:11:00 GMT
ETag: "d9bc585e755a6e515d0bf384bb47a1a2a65889ba"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.27 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.27:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 10:03:22 GMT
Expires: Wed, 21 Sep 2022 10:46:06 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JIchr1Q_06yb6OB7W-swPOixU-YAPVhcDD0kuZcO3g0n_1uca9I6mg==
Age: 1401
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashff6d50919e56aed75c47feb45ee2f2ec 98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:43 GMT
Last-Modified: Wed, 21 Sep 2022 09:37:39 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 52.42.74.230 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.42.74.230:0
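Hash (MD5 / SHA-1 / SHA-256) d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, matching the 0 B response; they identify no content and are not usable as indicators)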
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TO+Nu6JFO2nGBqSRV4FHdw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9AybdhtKoZ/G9LSh0R9bA04w4q8=
|
|
| qflusa.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.6 | 194.1.147.70 | 200 OK | 40 kB |
URL HTTP/2qflusa.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.6 IP194.1.147.70:0 ASN#210250 K Media Tech Ltd.
File typeASCII text, with very long lines (65493) Hashcca1e94e5e13754050045bedc90a5dba 2dd5785014d33cc40c4809883bbda234b957208b f4507a13ff74c4c5f1a2eb9dcfa3ce596759f4da49c1c6dd01dc9653b0d39c34
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.6 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 40024
cache-control: public, max-age=604800
expires: Thu, 22 Sep 2022 05:35:00 GMT
last-modified: Thu, 15 Sep 2022 00:06:40 GMT
etag: "7570f-63226c90-a10ffaa4538f56b5;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashbcbb61a4f6f0beed45a5f963bfba6e9d a07136aeace7036e3b7427d63c60576adbdc388f 3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash67b756e82caefc7860b9f2d4a4f40341 adeae15d52089bcca4ca247fc4aebceef8406e34 72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/recaptcha/api.js?render=explicit&ver=3.7.6 | 142.250.74.164 | 200 OK | 557 B |
URL HTTP/2www.google.com/recaptcha/api.js?render=explicit&ver=3.7.6 IP142.250.74.164:0
File typeASCII text, with very long lines (852), with no line terminators Hash9ad685e3d01b0036bb8f8e30b595319f f0b09266e6afa82a0e5a55ac54fa457852fc7ba2 43b843f3e3769414de1b6c92b9df34844f3e40fd235165a24a66276c4d96f03c
GET /recaptcha/api.js?render=explicit&ver=3.7.6 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 21 Sep 2022 10:26:44 GMT
date: Wed, 21 Sep 2022 10:26:44 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 | 194.1.147.70 | 200 OK | 11 kB |
URL HTTP/2qflusa.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 IP194.1.147.70:0 ASN#210250 K Media Tech Ltd.
File typeASCII text, with very long lines (43771) Hashd45207ee05c1f0c57dfa075e61405ccd a8d35143a2d828a739ea0fdde75f97d33621e7ec a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 10946
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:16:05 GMT
etag: "15b64-62fb5245-bd1592b92926fa9d;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.1 | 194.1.147.70 | 200 OK | 11 kB |
URL HTTP/2qflusa.com/wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.1 IP194.1.147.70:0 ASN#210250 K Media Tech Ltd.
File typeASCII text, with very long lines (63070), with CRLF line terminators Hash9a6a25cb71bdd44f4e83dd8e41dc6033 cd0dba5cf541f7ebfe4888e55d1ec289ff2a1ee4 c1eed109ae46037eaa9db3c1b15ca8cabc98babbc491b9b69d407bc871edb4b8
GET /wp-content/themes/astra/assets/css/minified/style.min.css?ver=3.9.1 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 10818
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:18:10 GMT
etag: "11449-62fb52c2-cce3f09af32948ee;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashbb4bdc4c3c6869c822618f0b9ef1bdc5 6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CKarla%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CQuicksand%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 | 142.250.74.10 | 200 OK | 3.8 kB |
URL HTTP/2fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CKarla%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CQuicksand%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 IP142.250.74.10:0
Hash2564c46f8ee1249a88009e62326df22d 530cbb1bc7bc50c637a03127286cb651a7e95608 a2359a7f27a6fd763b0b7987687a42c5a915fbbc02453172f4b11656034009f3
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CKarla%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CQuicksand%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 10:26:44 GMT
date: Wed, 21 Sep 2022 10:26:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7 | 194.1.147.70 | 200 OK | 741 B |
URL HTTP/2qflusa.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7 IP194.1.147.70:0 ASN#210250 K Media Tech Ltd.
File typeASCII text, with very long lines (13766) Hash77fd2796ca14b11a4dede61cfa34609e 8296a2cebbdac0347b509c3e1d7246526a06bd3a 5d3b09a1871a41d1210bf06dfb2c0c38ab0e68f2ef7cbfca8b5776b1eda22575
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.7 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 741
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:54 GMT
etag: "35ed-632a559e-7e9c02a09ae1872d;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/wp-members/assets/css/forms/generic-no-float.min.css?ver=3.4.5 | 194.1.147.70 | 200 OK | 899 B |
URL HTTP/2qflusa.com/wp-content/plugins/wp-members/assets/css/forms/generic-no-float.min.css?ver=3.4.5 IP194.1.147.70:0 ASN#210250 K Media Tech Ltd.
File typeASCII text, with very long lines (3809), with no line terminators Hash908e255adc977308b06d7e2dce3e53bd ed29835472f61b96e54141a619091361b97e61f2 c961dba14924f7a2fc2a044988b5d08e46453aea36738058a05df16f49e1f374
| Analyzer: fortinet | Verdict: Phishing | Alert: (none listed) |
GET /wp-content/plugins/wp-members/assets/css/forms/generic-no-float.min.css?ver=3.4.5 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 899
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 20 Sep 2022 12:05:49 GMT
etag: "ee1-6329ac9d-56da30d9743cb69e;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/elementor/css/global.css?ver=1663718855 | 194.1.147.70 | 200 OK | 3.7 kB |
URL HTTP/2qflusa.com/wp-content/uploads/elementor/css/global.css?ver=1663718855 IP194.1.147.70:0 ASN#210250 K Media Tech Ltd.
File typeASCII text, with very long lines (31060) Hash5bc2b0354c5a1ebf694dccc33073e9a5 0a9c52f3125721fa622616bfb6217cf64dc638be 2835a04b56b8bacc1e0ce9bc504cd70d46873f8cd91805e5c00907b776698f90
| Analyzer: fortinet | Verdict: Phishing | Alert: (none listed) |
GET /wp-content/uploads/elementor/css/global.css?ver=1663718855 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 3742
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:07:35 GMT
etag: "db4c-632a55c7-21e93c6c5f8ccdfa;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/elementor/css/post-624.css?ver=1663718843 | 194.1.147.70 | 200 OK | 348 B |
URL HTTP/2qflusa.com/wp-content/uploads/elementor/css/post-624.css?ver=1663718843 IP194.1.147.70:0 ASN#210250 K Media Tech Ltd.
File typeASCII text, with very long lines (1214), with no line terminators Hash30e037cfc5601fb0826dc1d82d970954 4203bcfc195494f529e2183d4b3dd2f102bb7fbe a9291d3c11036d1d5e6880480099e7fe0bf0399200f2a246b334f354ae308934
GET /wp-content/uploads/elementor/css/post-624.css?ver=1663718843 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 348
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:07:23 GMT
etag: "4be-632a55bb-16ca2f60c5f9620e;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 | 194.1.147.70 | 200 OK | 3.6 kB |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (19233) | Hash: af3bdf44d09914e8adb51fec560d8816 84bb225e096bab405868dd504e62133ba75cf1c1 4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 3629
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:54 GMT
etag: "4b4f-632a559e-38c1c5b213ff4118;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.4 | 194.1.147.70 | 200 OK | 708 B |
URL: HTTP/2 qflusa.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.4 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (3432) | Hash: f3ca6b9879df2ed966ae1150f3353baa 03c9aa5c941faad5f1efb4aa66ff623220f697ab f33030c0a254c90f0fc701442b0468c882d105c44f20923696747cc09e7709cd
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.2.4 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 708
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Mon, 29 Aug 2022 12:05:58 GMT
etag: "d69-630caba6-51e071425001aed;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 | 194.1.147.70 | 200 OK | 284 B |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (489) | Hash: dc279c928e2924b07a4a7575f8070ee8 0196756cacdb61ef40483af7ea982b699b0933de 80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 284
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:55 GMT
etag: "2a3-632a559f-5b75bf870dbb6784;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.4 | 194.1.147.70 | 200 OK | 2.7 kB |
URL: HTTP/2 qflusa.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.4 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (8016), with no line terminators | Hash: 8a68927ae9f9e4410a53da7e91333e5a 5ea49b0228c610db7747531827863eb58594922d 1996e2b780eafb29a0c5be7c1bbf51372f8a1d036e1077a6035691ba0a4f138d
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.2.4 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 2663
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Mon, 29 Aug 2022 12:05:58 GMT
etag: "1f50-630caba6-8d6a50fc741642e7;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/elementor/css/post-9.css?ver=1663718843 | 194.1.147.70 | 200 OK | 2.2 kB |
URL: HTTP/2 qflusa.com/wp-content/uploads/elementor/css/post-9.css?ver=1663718843 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (10109) | Hash: a70bef344ea311d3b287f6c2328a4c23 7de6a28edda6429850774d09a538fd0f16bda8e3 7265cb940fcc2c439ad7ecd81972dc38539481bf04900e4b0101cb526b7ceb48
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-content/uploads/elementor/css/post-9.css?ver=1663718843 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 2222
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:07:23 GMT
etag: "6785-632a55bb-b0aafad2dfd3f64e;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.7 | 194.1.147.70 | 200 OK | 2.4 kB |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.7 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (10019) | Hash: d2db71c82a8f672aea59a3e050cd8cd7 af626566f94b3164e4310288cfb142431e8349a6 bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.7 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 2442
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:54 GMT
etag: "4824-632a559e-8e291503f2c14133;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 | 194.1.147.70 | 200 OK | 286 B |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (483) | Hash: 8828fa3c5bdcfa66615714a2b8c9d807 4f556d0b005ac7754af607418df445f8cf98e8b1 16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 286
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:55 GMT
etag: "29d-632a559f-84e8d1b5e83560dd;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 | 194.1.147.70 | 200 OK | 283 B |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (491) | Hash: 453a93dc816be89f942ebb253ff199fb 01563d6019803e3ff2a94c5397e7e771ee6f440d 36beebcd3778e04c8973faa581d07c7e7dc0bac2a77f637379e7d110383ab5d7
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 283
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:55 GMT
etag: "2a5-632a559f-e2b963df1fb9d6d0;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/2020/03/ico_mail.png | 194.1.147.70 | 200 OK | 301 B |
URL: HTTP/2 qflusa.com/wp-content/uploads/2020/03/ico_mail.png | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: PNG image data, 16 x 16, 8-bit colormap, interlaced\012- data | Hash: 2a30990d2f36f3e14008fdf6d762e44d ddd0253df40ebaf8301ac6219856e431f7ea0369 9be21bb3077974be80c7145768a3db377d5ddc527ddc07ad3e4152c1e3dcc1cc
GET /wp-content/uploads/2020/03/ico_mail.png HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: image/png
content-length: 301
cache-control: public, max-age=5184000
expires: Sun, 20 Nov 2022 10:26:44 GMT
last-modified: Thu, 19 Mar 2020 05:00:52 GMT
etag: "12d-5e72fc84-d22116483a3bde83;;;"
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/themes/astra-child/style.css?ver=1.0.0 | 194.1.147.70 | 200 OK | 587 B |
URL: HTTP/2 qflusa.com/wp-content/themes/astra-child/style.css?ver=1.0.0 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (916) | Hash: 77325a2627dd7781e88b0f6db56b34f7 8f17c1e8ff59106b5db739ce56fb817472ddd4a6 0a8c0db42c063f456a39b3fe466106174ae2db835b5966fd1e08db726751ac7a
GET /wp-content/themes/astra-child/style.css?ver=1.0.0 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 587
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Fri, 25 Oct 2019 12:10:45 GMT
etag: "488-5db2e645-f63322194b530c72;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.1 | 194.1.147.70 | 200 OK | 2.5 kB |
URL: HTTP/2 qflusa.com/wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.1 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (10398), with no line terminators | Hash: c48ca42eefd389f2ced0c8488959ce0b 23512c8ef92c275116bb37e0975ef8dff01982b7 fff6b9cee994875d838943eece8cc92b22f7a2e9ee6d00b8bc63f4398493efca
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-content/themes/astra/assets/js/minified/style.min.js?ver=3.9.1 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 2543
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:18:10 GMT
etag: "289e-62fb52c2-c94f4a1c05eb1862;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6 | 194.1.147.70 | 200 OK | 2.2 kB |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (5141) | Hash: 79b1a5cae4c3d14795b262689a40b66f 1a350c17098195176af4c410c5b0ebf2d804be25 eaff5989e9a87e7a34cdac7a39db138499736350769c1372338eaffae0bde7eb
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 2188
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Thu, 15 Sep 2022 00:06:40 GMT
etag: "1440-63226c90-ab6b1410a13a22f1;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.7 | 194.1.147.70 | 200 OK | 1.0 kB |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.7 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (2620), with no line terminators | Hash: 906c4decdcd32482c1cf583b07925d30 30e726b9febb4b651544266df656a21251f0e8e3 53f86e9641d0e35772d6b54294cc6dd685fb9a376a1baad151da120fef609423
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.7 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1047
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:55 GMT
etag: "a3c-632a559f-9aab0a846dbbd9c5;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 | 194.1.147.70 | 200 OK | 3.7 kB |
URL: HTTP/2 qflusa.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
Hash: f778ade6a70be55cbf039cfafb20fa7f 68d7a7f2d88907a038ec557ae0ab67f58d7bcdc5 88fd2a2f80a5ff9f70a6c4019d81f3bae8bc92623697454faa44f448cc43ad93
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 3717
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:16:07 GMT
etag: "27ee-62fb5247-494defc1305b0683;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 | 194.1.147.70 | 200 OK | 2.4 kB |
URL: HTTP/2 qflusa.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (6475), with no line terminators | Hash: 4e773d7cec56bacab6d2db420be6f262 c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a 5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 2354
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:16:07 GMT
etag: "194b-62fb5247-ab792af44ef4bdf8;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 | 194.1.147.70 | 200 OK | 6.6 kB |
URL: HTTP/2 qflusa.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: Unicode text, UTF-8 text, with very long lines (8189) | Hash: 139a41f01d192d239e7dce15ca307983 62a3e7c0c77209832dc649bc5583e5e0b4918bf5 d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6637
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:16:08 GMT
etag: "50eb-62fb5248-ba70206691827f65;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 | 194.1.147.70 | 200 OK | 12 kB |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (57726) | Hash: f463afd8661ddc733305df1f0cbdaff2 77262f0209e75e340eb7014aba9cd8d69966032f c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 12133
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:55 GMT
etag: "e238-632a559f-13746f45e6bf86e9;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/elementor/css/post-10.css?ver=1663718843 | 194.1.147.70 | 200 OK | 922 B |
URL: HTTP/2 qflusa.com/wp-content/uploads/elementor/css/post-10.css?ver=1663718843 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (6688), with no line terminators | Hash: a700706cc5893e7f346635f864d75106 186db28532764e15d3cd0e41e1cb19791b8465a2 a11d339fb0610dfa645791ebb15d0942a2303a021f9231204099b635134663cc
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /wp-content/uploads/elementor/css/post-10.css?ver=1663718843 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 922
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:07:23 GMT
etag: "1a20-632a55bb-29953faa354a62c3;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 | 194.1.147.70 | 200 OK | 2.9 kB |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (12198), with no line terminators | Hash: 869caa171b68cbec9fee5abbfb944ee8 f237e485e41f88b77384cfdb880f9d5a8f46eac8 25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 2867
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:55 GMT
etag: "2fa6-632a559f-7db59f354e1c8d2c;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 | 194.1.147.70 | 200 OK | 3.3 kB |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (10544) | Hash: 3821415a39954c48c7927e661467c6b8 dfe1116a0efc9898cb6caf094213880da83d6990 5f7f5b28f47c366a0bb70435dc3b2253278222c92429f013084f71fd7d29a32e
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 3268
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:54 GMT
etag: "29ba-632a559e-a2eff925aa5eec41;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.7 | 194.1.147.70 | 200 OK | 12 kB |
URL: HTTP/2 qflusa.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.7 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (43101) | Hash: 95ab4688337578005feed2e876f1e880 62bef5780eeb438cc4f9ddd7783dee0c6ac2267d f6d86b74234d919ce018b3660d4afc427f2a3a39a09235ce89b33565c27c678e
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.7 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 12548
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:54 GMT
etag: "a884-632a559e-6d72dccc1e894825;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 | 194.1.147.70 | 200 OK | 4.0 kB |
URL (HTTP/2): qflusa.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (11126) | Hash: 7e058b51f939eacfa31cdface14dded5 9d732e5afdeb42edef9e1b9631b7e95e054787cc 4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 3995
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:16:08 GMT
etag: "2bd8-62fb5248-7edbfd3d435b5e90;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 | 194.1.147.70 | 200 OK | 4.6 kB |
URL (HTTP/2): qflusa.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (15660) | Hash: 0232689bd203f330529b36a437f41a68 9046583f7469ad38297969f10a9513eb895d5316 feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 4619
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:16:08 GMT
etag: "48b9-62fb5248-5f5e51cb71678e1e;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7 | 194.1.147.70 | 200 OK | 2.0 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (4918) | Hash: addd6b2b47516aab871a8c846e4208eb 72c83f580bfc1ce85f6fc394e0bac5fc1446d8bf 6b1770e81200444e4cffdeee08a8af358f5e35edd3398a2e2f4a7fc62c2c5734
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 2044
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:54 GMT
etag: "135d-632a559e-b260e566a1c06dd7;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.6 | 194.1.147.70 | 200 OK | 1.5 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.6 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (3703) | Hash: 7a67ac94b6ebafd94c82dfa591065fdc 5190d1ef32403a4ad195ece088c0fba145562f13 2bd8dfe375603969948af382eb62f2957f2c51bfe8fd1db0c2f64af284cb0107
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.6 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1477
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Thu, 15 Sep 2022 00:06:40 GMT
etag: "e78-63226c90-c696266b4debac1c;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | 194.1.147.70 | 200 OK | 6.9 kB |
URL (HTTP/2): qflusa.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: Unicode text, UTF-8 text, with very long lines (19138), with no line terminators | Hash: 1f5152610686781567fb3008c4429792 d0c0bddf5fb8603ed8e55c32f3093c2207f72471 75806ece853d0d76e655a433bd03548d3be6237ea1e4cacd5963f528bbe0d192
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6872
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:16:07 GMT
etag: "4ac6-62fb5247-55d2918e01048b38;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7 | 194.1.147.70 | 200 OK | 10 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: Unicode text, UTF-8 text, with very long lines (32889) | Hash: cb762f3d93a33a602d19b3994fe4e699 a9168bedc5f58243b41aaab73c68b32f6992635c ca59fddd171412b6972463da0ac99bf372e17578816d3e79f4c247c34102a27d
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 10420
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:54 GMT
etag: "80a1-632a559e-2bf94daa1c6f4718;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 | 194.1.147.70 | 200 OK | 1.6 kB |
URL (HTTP/2): qflusa.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (4875) | Hash: 06a8ac0e71976bc143cfa7861a31169d def6031fe13259bf17752661832d815e37068bf2 e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1575
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:16:07 GMT
etag: "132e-62fb5247-9cb98916ea9c9228;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6 | 194.1.147.70 | 200 OK | 5.5 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (21374) | Hash: ca1082526d323b169ee769f4b698d97e cf535dca6b5511448b8cf9175f83838ef6ebca07 dc4c09cced7df787f37d8284e39fda900d74a8a3df1c553f8049926834866519
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 5506
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Thu, 15 Sep 2022 00:06:40 GMT
etag: "53a9-63226c90-dce01492db9f79b9;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/elementor/css/post-38.css?ver=1663718856 | 194.1.147.70 | 200 OK | 5.5 kB |
URL (HTTP/2): qflusa.com/wp-content/uploads/elementor/css/post-38.css?ver=1663718856 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (65536), with no line terminators | Hash: a04fa43adaf12db75089898077b4a2b8 42a279f237ea894258e4b8c35c2277b984347902 e6cd776ef710f4af13c8099b0025437f7c44153d9f1ad1b4032a2eb2a22c2a64
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-content/uploads/elementor/css/post-38.css?ver=1663718856 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 5470
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:07:36 GMT
etag: "12397-632a55c8-3a211921ef74a74;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 | 194.1.147.70 | 200 OK | 6.9 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (25115) | Hash: e8d8c6e4997a420abc51e5fa8c1caa8b 39ae930f057de725cff8549eed82f31f8d0816c1 730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 6935
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Thu, 15 Sep 2022 00:06:40 GMT
etag: "6272-63226c90-1d4130cc54fc6f48;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7 | 194.1.147.70 | 200 OK | 12 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (40474) | Hash: cf9df4d15291b14a459fdd30b118a1a4 450c2a4389a4d7e12fac3f1c49e79ca477521140 f109234d786cb6f29e805b2a5764f33f04b918bd76f4249ac94a3f39887facaf
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 11703
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:54 GMT
etag: "9e41-632a559e-dbca5b96767dcec1;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10076
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 10:26:45 GMT
Connection: keep-alive
|
|
| qflusa.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7 | 194.1.147.70 | 200 OK | 19 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (65497) | Hash: 278d9eebcf978a3873f8852c777e0007 04645a5b1d5c0c50c52845c77ada20c1b8f1128a f0de59c1b368c69da14f817050951ffb233915f4fcb172c1f07ec3b0dd2cccd4
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.7 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/css; charset=UTF-8
content-length: 18716
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:54 GMT
etag: "28722-632a559e-25146f3d977c1741;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.6 | 194.1.147.70 | 200 OK | 30 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.6 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (65493) | Hash: fa9063274d7ca0411e7c732baeb2d3b2 a02bd7e37dcf5aeb74652af9824b1e578bf5c634 432b60fb25c422a1a98c8d37adcb7ff8d412ade0ff7b6f937765ee3b559f4e1c
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.6 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 30190
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Thu, 15 Sep 2022 00:06:40 GMT
etag: "20de6-63226c90-d943816ffdbc6cf2;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10076
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 10:26:45 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10076
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 10:26:45 GMT
Connection: keep-alive
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 | 194.1.147.70 | 200 OK | 34 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (65280) | Hash: 83a90323ac82b98062b4b2c8ac8c5051 d7d376677e3546b756b4fec6219be72b85c4f8f5 7fd68e9ea0ebd35958da46d7373113d1a3646a671217cf2cf471c65c3d710613
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 34004
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Wed, 21 Sep 2022 00:06:55 GMT
etag: "21f91-632a559f-2d48bb4777f84c51;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10076
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 10:26:45 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash: 8ebb267e443b81854ef9a01b3eb6489d b932e9e5679da5a9160da5429458041765509b52 4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10076
Expires: Wed, 21 Sep 2022 13:14:41 GMT
Date: Wed, 21 Sep 2022 10:26:45 GMT
Connection: keep-alive
|
|
| qflusa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 | 194.1.147.70 | 200 OK | 30 kB |
URL (HTTP/2): qflusa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: ASCII text, with very long lines (65447) | Hash: 34f918ada1fe4f01c5a4b90065bbc37a a731f6ce2d413805e39ae45994012b1bd5ea1e2b eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: application/javascript; charset=UTF-8
content-length: 30273
cache-control: public, max-age=604800
expires: Wed, 28 Sep 2022 10:26:44 GMT
last-modified: Tue, 16 Aug 2022 08:16:08 GMT
etag: "15db1-62fb5248-f604cb0c3f4055ba;br"
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: f7b780d39877eea116277625aaa01f1b d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: nSWUmBqJPIBYNoLtyrfAN7CK4367b6TEku9eki8BGJVdTWW3dSyckw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 06:45:55 GMT
age: 13250
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: a692964324dbb9c460a1b855808d02e6 1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54 3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 43908
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4d98acc059a69d51165fb5e0c7430ea3 09bd3300d710c3212483159f8398b84cde09da26 6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:25:17 GMT
age: 43288
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash14e6ddceb639a5f4875aecb796f95c79 b1cd04a66852694284eeef16a1cde38896e33c03 4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 54493
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4eb6d1b35f680bfec656941b6167fd23 344c6000dbdafdb5105edc93a082d640c3e95ddc 67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:48:37 GMT
age: 45488
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg | 34.120.237.76 | 200 OK | 6.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8bae3a7a80ff40df1d701dfc925ddeff 91df60162a8322469cada0dd8eb93619f28aec1a fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 509dc368-dd1c-4be7-94ff-64dbd53c199f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YoqoRG2WIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63268b01-1cb916c251fd5f2f3cf10435;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 03:05:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vs0CTuiAdjRtfJD9qX9S5R07Hw6BWfiOAT50GwTdiSETdoqr2FNsyw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 04:14:25 GMT
age: 22340
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashbb4bdc4c3c6869c822618f0b9ef1bdc5 6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| maps.google.com/maps?q=LOS%20ANGELES&t=m&z=12&output=embed&iwloc=near | 216.58.211.14 | 301 Moved Permanently | 280 B |
URL HTTP/2maps.google.com/maps?q=LOS%20ANGELES&t=m&z=12&output=embed&iwloc=near IP216.58.211.14:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators Hash5ffac5e52598a118a9b227dacd5633ee ba12b15bdfca606acce83753eb95c8793c24253d 827ee77999b65558c4c71b7d455d191875af8c6370e0c2acd8368a0b6014a162
GET /maps?q=LOS%20ANGELES&t=m&z=12&output=embed&iwloc=near HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 21 Sep 2022 10:26:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m4!2m1!1sLOS+ANGELES!5e0!6i12
content-type: text/html; charset=UTF-8
server: mafe
content-length: 280
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc683e61e63df92799aa274fdac42cd3b 191aeec95861fa8596a90a10c60b22434431c033 898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc683e61e63df92799aa274fdac42cd3b 191aeec95861fa8596a90a10c60b22434431c033 898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc683e61e63df92799aa274fdac42cd3b 191aeec95861fa8596a90a10c60b22434431c033 898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc683e61e63df92799aa274fdac42cd3b 191aeec95861fa8596a90a10c60b22434431c033 898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc683e61e63df92799aa274fdac42cd3b 191aeec95861fa8596a90a10c60b22434431c033 898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/karla/v23/qkBbXvYC6trAT7RVLtw.woff2 | 142.250.74.163 | 200 OK | 29 kB |
URL HTTP/2fonts.gstatic.com/s/karla/v23/qkBbXvYC6trAT7RVLtw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 29224, version 1.0\012- data Hash8f31fffe19876c366e578ce8e5d1d1e0 a86aa4b756555a54191fec48f8a42787b856bde3 602af0e0c5fb12b2fa41c8514959d7389f34ab1fcc04a1c1b42d580fee270fbb
GET /s/karla/v23/qkBbXvYC6trAT7RVLtw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qflusa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 15:53:32 GMT
expires: Sat, 16 Sep 2023 15:53:32 GMT
cache-control: public, max-age=31536000
age: 412393
last-modified: Mon, 11 Jul 2022 20:38:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 142.250.74.163 | 200 OK | 31 kB |
URL HTTP/2fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Hashac0d2859ea5f8fd6bcb3c305c08ec184 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qflusa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 495987
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/2020/03/decal-world-map.png | 194.1.147.70 | 200 OK | 11 kB |
URL HTTP/2qflusa.com/wp-content/uploads/2020/03/decal-world-map.png IP194.1.147.70:0 ASN#210250 K Media Tech Ltd.
File typePNG image data, 900 x 500, 2-bit colormap, non-interlaced\012- data Hash06ab22897fa481d040414487978ba60c 372ed3685ec78caf4145780627a80395d054da13 4cb80a71e5daa0949093ce3f6079bc4c0db0ebb7466d57dfe0dbb89d3ea20c0d
GET /wp-content/uploads/2020/03/decal-world-map.png HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/wp-content/uploads/elementor/css/post-38.css?ver=1663718856
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:45 GMT
content-type: image/png
content-length: 10921
cache-control: public, max-age=5184000
expires: Sun, 20 Nov 2022 10:26:45 GMT
last-modified: Thu, 19 Mar 2020 05:00:36 GMT
etag: "2aa9-5e72fc74-f1d51dca4d1e343f;;;"
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/karla/v23/qkBVXvYC6trAT7RQHt6e4Q.woff2 | 142.250.74.163 | 200 OK | 30 kB |
URL HTTP/2fonts.gstatic.com/s/karla/v23/qkBVXvYC6trAT7RQHt6e4Q.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 29876, version 1.0\012- data Hash4914377638fa41870aa3fe2d4c8fe17c 0c87a2f3912c53a38115b27d49d67d6a0d9d3881 c89c795d21fe08b925ea2014adf779625a21310d4d6de59dbdeeafe98bbf62ac
GET /s/karla/v23/qkBVXvYC6trAT7RQHt6e4Q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qflusa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29876
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 15:57:14 GMT
expires: Sat, 16 Sep 2023 15:57:14 GMT
cache-control: public, max-age=31536000
age: 412171
last-modified: Mon, 11 Jul 2022 20:36:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qflusa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 571957
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 142.250.74.163 | 200 OK | 23 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data Hashde69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qflusa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 62184
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qflusa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 571957
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 | 142.250.74.163 | 200 OK | 26 kB |
URL HTTP/2fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 25672, version 1.0\012- data Hashfe3e5be2baa0126122ba9367ebab73c8 40bec99106dfab5f3721ed725483eb618a9016cd 8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qflusa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:15:54 GMT
expires: Tue, 19 Sep 2023 21:15:54 GMT
cache-control: public, max-age=31536000
age: 133851
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 | 142.250.74.163 | 200 OK | 24 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://qflusa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 62184
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: MD5 c683e61e63df92799aa274fdac42cd3b | SHA-1 191aeec95861fa8596a90a10c60b22434431c033 | SHA-256 898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 | 194.1.147.70 | 200 OK | 13 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash: MD5 f0f8230116992e521526097a28f54066 | SHA-1 0447c6b10bbf73f97b23dcfd6e6a48510822cb6e | SHA-256 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer: fortinet | Verdict: Phishing | Alert: (none)
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:45 GMT
content-type: font/woff2
content-length: 13276
cache-control: public, max-age=2592000
expires: Fri, 21 Oct 2022 10:26:45 GMT
last-modified: Wed, 21 Sep 2022 00:06:55 GMT
etag: "33dc-632a559f-ab14311ff2937279;;;"
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/2019/10/quantum.png | 194.1.147.70 | 200 OK | 4.4 kB |
URL (HTTP/2): qflusa.com/wp-content/uploads/2019/10/quantum.png | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: PNG image data, 367 x 98, 8-bit colormap, non-interlaced\012- data
Hash: MD5 b68fbe1630974b1a0932cda985ed6a08 | SHA-1 860587c7e8b746abbddfb190642643f7221dbe76 | SHA-256 06e22c0947e1f80e9dc105ad416200d22793372824d3c33e3e335b9c7103f991
GET /wp-content/uploads/2019/10/quantum.png HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:45 GMT
content-type: image/png
content-length: 4447
cache-control: public, max-age=5184000
expires: Sun, 20 Nov 2022 10:26:45 GMT
last-modified: Thu, 19 Mar 2020 05:00:18 GMT
etag: "115f-5e72fc62-dc6390d437666f31;;;"
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 | 194.1.147.70 | 200 OK | 77 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash: MD5 f7307680c7fe85959f3ecf122493ea7d | SHA-1 fce0da592a3e536d6d5df5b50cb513398d8c5161 | SHA-256 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer: fortinet | Verdict: Phishing | Alert: (none)
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:45 GMT
content-type: font/woff2
content-length: 76764
cache-control: public, max-age=2592000
expires: Fri, 21 Oct 2022 10:26:45 GMT
last-modified: Wed, 21 Sep 2022 00:06:55 GMT
etag: "12bdc-632a559f-b1315e57f82eddaf;;;"
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 | 194.1.147.70 | 200 OK | 78 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash: MD5 e8a427e15cc502bef99cfd722b37ea98 | SHA-1 a9922842a120a7f1eaced667480c5e185a106d69 | SHA-256 d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer: fortinet | Verdict: Phishing | Alert: (none)
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://qflusa.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:45 GMT
content-type: font/woff2
content-length: 78196
cache-control: public, max-age=2592000
expires: Fri, 21 Oct 2022 10:26:45 GMT
last-modified: Wed, 21 Sep 2022 00:06:55 GMT
etag: "13174-632a559f-6b07a9de2e4e4c0e;;;"
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 | 194.1.147.70 | 200 OK | 93 kB |
URL (HTTP/2): qflusa.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash: MD5 aab0bb3379e0eb7ebc26071db61fbd57 | SHA-1 711c8d350c4192c2f1aa7f73551445b89fb4b161 | SHA-256 691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
Analyzer: fortinet | Verdict: Phishing | Alert: (none)
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://qflusa.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:45 GMT
content-type: font/woff2
content-length: 93372
cache-control: public, max-age=2592000
expires: Fri, 21 Oct 2022 10:26:45 GMT
last-modified: Wed, 21 Sep 2022 00:06:54 GMT
etag: "16cbc-632a559e-fae251e4a9551f2c;;;"
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/2020/03/dock.jpg | 194.1.147.70 | 200 OK | 166 kB |
URL (HTTP/2): qflusa.com/wp-content/uploads/2020/03/dock.jpg | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2079x1426, components 3\012- data
Size: 166 kB (166245 bytes)
Hash: MD5 9b3141b759c0f69ee7f42159ae42a190 | SHA-1 9b2dbbb01a285d813d4366b048d546958f75e526 | SHA-256 92c82d49119788f1344c3f2bbfb82c1f31dbcd879c7f321a4da219f41f515d43
GET /wp-content/uploads/2020/03/dock.jpg HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/wp-content/uploads/elementor/css/post-38.css?ver=1663718856
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:45 GMT
content-type: image/jpeg
content-length: 166245
cache-control: public, max-age=5184000
expires: Sun, 20 Nov 2022 10:26:45 GMT
last-modified: Thu, 19 Mar 2020 05:00:45 GMT
etag: "28965-5e72fc7d-9dd39db8a64000ad;;;"
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/2020/03/kisspng-logistics-truckload-shipping-freight-forwarding-ag-logistic-1.png | 194.1.147.70 | 200 OK | 54 kB |
URL (HTTP/2): qflusa.com/wp-content/uploads/2020/03/kisspng-logistics-truckload-shipping-freight-forwarding-ag-logistic-1.png | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: PNG image data, 469 x 366, 8-bit colormap, non-interlaced\012- data
Hash: MD5 7531f7baa59b275c387db822f87824fc | SHA-1 8fa113e2c04ea02f8e8bf3ff35dfbaf1b1c9eb68 | SHA-256 dde27ad154b45645570af9b95ee5a347dc0b507a1ee3b047faab4565792e8586
GET /wp-content/uploads/2020/03/kisspng-logistics-truckload-shipping-freight-forwarding-ag-logistic-1.png HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:45 GMT
content-type: image/png
content-length: 54100
cache-control: public, max-age=5184000
expires: Sun, 20 Nov 2022 10:26:45 GMT
last-modified: Wed, 18 Mar 2020 05:46:10 GMT
etag: "d354-5e71b5a2-b46d77b034839585;;;"
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/2019/11/679-min.jpg | 194.1.147.70 | 200 OK | 624 kB |
URL (HTTP/2): qflusa.com/wp-content/uploads/2019/11/679-min.jpg | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 5548x3704, components 3\012- data
Size: 624 kB (624150 bytes)
Hash: MD5 e6638ea6c35f80c3fffd473c1b495dcc | SHA-1 17289b3eda843f69fba63733e02507ab4b4eb201 | SHA-256 482add52db070dbbbd1828b08108f8214fdba9ce564afecdbd930e12a90a3de9
GET /wp-content/uploads/2019/11/679-min.jpg HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/wp-content/uploads/elementor/css/post-38.css?ver=1663718856
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:45 GMT
content-type: image/jpeg
content-length: 624150
cache-control: public, max-age=5184000
expires: Sun, 20 Nov 2022 10:26:45 GMT
last-modified: Wed, 18 Mar 2020 06:17:25 GMT
etag: "98616-5e71bcf5-7a6371b7baa5fe21;;;"
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| qflusa.com/wp-content/uploads/2019/10/781-min.jpg | 194.1.147.70 | 200 OK | 577 kB |
URL (HTTP/2): qflusa.com/wp-content/uploads/2019/10/781-min.jpg | IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 5556x5556, components 3\012- data
Size: 577 kB (577023 bytes)
Hash: MD5 049a350eb7fd1807d8abaaf12e0ce806 | SHA-1 f2295d4f0eddfd384afffab765cc609f01cbde81 | SHA-256 e206f32a00912ea63897f407bdf44bdcd1a6b768ba7af0edfacb51b0027c7608
GET /wp-content/uploads/2019/10/781-min.jpg HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/wp-content/uploads/elementor/css/post-38.css?ver=1663718856
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:45 GMT
content-type: image/jpeg
content-length: 577023
cache-control: public, max-age=5184000
expires: Sun, 20 Nov 2022 10:26:45 GMT
last-modified: Wed, 18 Mar 2020 06:18:11 GMT
etag: "8cdff-5e71bd23-98fc01fb93f5f480;;;"
vary: Accept-Encoding
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
server: WPX CLOUD/AMS02
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js | 142.250.74.163 | 200 OK | 158 kB |
URL (HTTP/2): www.gstatic.com/recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js | IP: 142.250.74.163:0
File type: ASCII text, with very long lines (581)
Size: 158 kB (157726 bytes)
Hash: MD5 6519c7c04cf32a57b1c5ee45a73c233e | SHA-1 4939bb921988e9eb13780cc2244f3099776e9bfb | SHA-256 8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qflusa.com
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:37:29 GMT
expires: Thu, 21 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
age: 17356
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: MD5 e5d7d983b288c67e17280c6a1c0d80d9 | SHA-1 8a1e575f8b8427e872c1e4c5645d9ce3e5445e52 | SHA-256 a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad | 142.250.74.106 | 200 OK | 57 kB |
URL (HTTP/2): maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad | IP: 142.250.74.106:0
File type: ASCII text, with very long lines (2501)
Hash: MD5 c7c40ef002553cc3a0d635e23a3c4b71 | SHA-1 af76675bf8ef371b544d2ef845d4b46c61f522a0 | SHA-256 950fcaedab09c40085d242103a37763a5cb6f834759d4968dcff35111145d209
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56934
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=15
date: Wed, 21 Sep 2022 10:03:00 GMT
expires: Wed, 21 Sep 2022 10:33:00 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 1426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: MD5 e5d7d983b288c67e17280c6a1c0d80d9 | SHA-1 8a1e575f8b8427e872c1e4c5645d9ce3e5445e52 | SHA-256 a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 10:26:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| khms1.googleapis.com/kh?v=930&hl=en-US&x=43&y=102&z=8 | 216.58.207.202 | 200 OK | 12 kB |
URL (HTTP/2): khms1.googleapis.com/kh?v=930&hl=en-US&x=43&y=102&z=8 | IP: 216.58.207.202:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash: MD5 182e98710d634ad9f3de659092579a37 | SHA-1 4ccfdaabee7adc538d9f25823429bee6e37cd1b1 | SHA-256 a1465f3010079587f66f54ebcf45b2a4a033ca59b1dbca80c101c44d6176e82a
GET /kh?v=930&hl=en-US&x=43&y=102&z=8 HTTP/1.1
Host: khms1.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-content-type-options: nosniff
expires: Thu, 21 Sep 2023 10:26:46 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: public, max-age=31536000
date: Wed, 21 Sep 2022 10:26:46 GMT
last-modified: Fri, 1 Jan 2010 01:00:00 GMT
content-type: image/jpeg
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
content-length: 12274
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg | 34.120.237.76 | 200 OK | 5.0 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg | IP: 34.120.237.76:0
File type: gzip compressed data, max compression\012- data
Hash: MD5 b6b410e4f01d927d9e3f5b157f424abd | SHA-1 eb513aa8af01fe8ade60816af83f218ec423b0df | SHA-256 cd6af3702ea62e4046e00413850e8d5376f6457a43ac9e2b5a664c065b2bd369
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4789
x-amzn-requestid: 36ce3b9d-d2aa-4975-86e5-22875944d707
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiqljEIKoAMFhPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63242489-1a31957361790e766b8355c6;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:23:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uNmY94pnSglVwSsx4oEaFrQqFI0bxeVzH8o8PYApgHQk_CSrkk2R1g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:20:09 GMT
age: 43602
etag: "0850ed5db509f8a75439eca5866c2bb6ca3195d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| qflusa.com/ | 194.1.147.70 | 200 OK | 0 B |
IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
Analyzer: fortinet | Verdict: Phishing | Alert: (none)
GET / HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 21 Sep 2022 10:26:44 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.28
link: <https://qflusa.com/wp-json/>; rel="https://api.w.org/", <https://qflusa.com/wp-json/wp/v2/pages/38>; rel="alternate"; type="application/json", <https://qflusa.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
wpx: 1
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
cache-control: public,max-age=1200,stale-while-revalidate=3600
server: WPX CLOUD/AMS02
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| qflusa.com/favicon.ico | 194.1.147.70 | 404 Not Found | 0 B |
IP: 194.1.147.70:0 | ASN: #210250 K Media Tech Ltd.
GET /favicon.ico HTTP/1.1
Host: qflusa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://qflusa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 10:26:46 GMT
content-type: text/html; charset=UTF-8
last-modified: Thu, 18 Apr 2019 07:26:39 GMT
etag: W/"c5-5cb826af-311916c1596d4696;;;"
vary: Accept-Encoding, Accept-Encoding
wpx: 1,1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/AMS02
content-encoding: gzip
server: WPX CLOUD/AMS02
X-Firefox-Spdy: h2
|
|