{"report_id":"458e464b-c39d-4ed0-89cf-5d01b6f88dba","version":0,"status":"done","tags":[],"date":"2026-07-03T02:31:06Z","url":{"schema":"https","addr":"qtradedirectinvestment.com","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":0,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"final":{"url":{"schema":"https","addr":"qtradedirectinvestment.com/","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"title":"Qtrade Direct Investment • Home","dom":{"size":41692,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (26340)","md5":"31da321dd51a0bc49e32ee5679bf0536","sha1":"93c98e7d9f4de956f49b11b4d479a61ec319037b","sha256":"db3fd144fe8b39977f2e415f2e5fb160a5b08e71ff68ef1149c6bab13f194403","sha512":"1bf293ad2af35c91fc45c7ddf3a0efb4797b953513982cb914471e781688fdc552a4b3409fb3ab1b41645243801037f8bcc7f104b4c54771d6a6ad3c53151b32","ssdeep":"768:0yJi2qbCmmWq38FTbfsTO+hDGqTt8UtN2v3k/SR+D/5km5o:FJzqbCmmWq38FTbfsTO+hDZTt8UtAk/u","tlshash":"1313a7176784452c9c53d278f399b54ea32af688ef6259eef7c23410c2d93ff088a455","dom_hash":"domhasha09e2b964037d2360f8d1ddedad10bc0","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"qtradedirectinvestment.com","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":0,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-07T02:31:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"code.jquery.com","ip":{"addr":"151.101.1.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-06-28T23:50:27.274026Z","alert_count":0,"request_count":1,"received_data":90142,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"bootstrap.smartsuppchat.com","ip":{"addr":"63.186.62.35","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2014-02-02","domain_rank":425291,"first_seen":"2018-01-29T06:10:36Z","last_seen":"2026-06-26T04:16:42.976898Z","alert_count":0,"request_count":1,"received_data":1575,"sent_data":555,"comment":"","tags":null,"fingerprints":null},{"fqdn":"widget-v3.smartsuppcdn.com","ip":{"addr":"185.76.9.12","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2018-11-20","domain_rank":532262,"first_seen":"2022-10-03T13:48:45Z","last_seen":"2026-06-26T05:59:17.618077Z","alert_count":0,"request_count":4,"received_data":328851,"sent_data":1925,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"translations.smartsuppcdn.com","ip":{"addr":"185.76.9.11","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2018-11-20","domain_rank":560346,"first_seen":"2022-11-04T22:28:35Z","last_seen":"2026-06-26T05:59:16.644955Z","alert_count":0,"request_count":1,"received_data":7732,"sent_data":537,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-06-28T22:47:06.167692Z","alert_count":0,"request_count":1,"received_data":47476,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-28T22:22:13.875484Z","alert_count":0,"request_count":1,"received_data":24511,"sent_data":670,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-28T22:19:26.805281Z","alert_count":0,"request_count":6,"received_data":76299,"sent_data":3404,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-06-29T07:57:36.057616Z","alert_count":0,"request_count":2,"received_data":408697,"sent_data":958,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-06-28T22:41:44.776353Z","alert_count":0,"request_count":6,"received_data":431197,"sent_data":3360,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.smartsuppchat.com","ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2014-02-02","domain_rank":491650,"first_seen":"2017-01-30T05:24:57Z","last_seen":"2026-06-26T04:16:42.959688Z","alert_count":0,"request_count":1,"received_data":18547,"sent_data":473,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"api.coingecko.com","ip":{"addr":"104.20.41.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-03-26","domain_rank":442226,"first_seen":"2018-05-18T12:16:11Z","last_seen":"2026-06-29T08:28:37.222477Z","alert_count":0,"request_count":1,"received_data":1379,"sent_data":586,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"qtradedirectinvestment.com","ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"domain_registered":"2026-06-23","domain_rank":0,"first_seen":"2026-07-03T02:31:08.914367Z","last_seen":"2026-07-03T02:31:08.914367Z","alert_count":20,"request_count":20,"received_data":2926270,"sent_data":25352,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"websocket-visitors.smartsupp.com","ip":{"addr":"18.193.195.62","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2012-08-25","domain_rank":411464,"first_seen":"2021-07-12T07:42:32Z","last_seen":"2026-06-26T05:59:16.47245Z","alert_count":0,"request_count":1,"received_data":224,"sent_data":641,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.smartsuppchat.com/loader.js?","fqdn":"www.smartsuppchat.com","domain":"smartsuppchat.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"218d24439d4e2c0990f35338a7ac220c","sha1":"5a7b913584c1244bf61beab9dc644204d130101c","sha256":"efb497f7159de26ea5e0521d675d909dc063e36d0d23c2ad96fa9109b73ee263","sha512":"17af39bfdc350c9d1f8dd74652641d0c028881ecb3935d2d9fdb763d24136665d135d00219aabac57693112e2314d4fa91b802ba2662a1580aa35c5e0b6e624b","ssdeep":"384:2/xzy2A3wyxNeBWbEgl/EuVaBWbE0rIcvqSI/aQ/UpG:2/xzy2A3wXscuVaAxka05","tlshash":"4182b7cc7691b16543ab61b4843f620ff1376929740d8865b965eae13cb8c8ed037fb8","size":18024,"data":"","first_seen":"2026-03-30T19:01:55.527327Z","last_seen":"2026-07-04T02:00:27.989272Z","times_seen":4152,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.1.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","size":89501,"data":"","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-07-04T01:43:19.328756Z","times_seen":486854,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f416f9031fef25ae25ba9756e3eb6978","sha1":"e2a600e433df72b4cfde93d7880e3114917a3cbe","sha256":"a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d","sha512":"6cfb3b01eea956f84e4a221cc940a547bfead8e02c462a2fc38bc0917fb325bc374a101e7aa7b3ab9d11208708511abb39adb4ad6da7daaf9fc9704d714f65af","ssdeep":"768:UCI7dmuMFAAJG4dlQKNORpnXGAtep2lcwJeL+wr2RSGc7UuHjRUQuFBt33:PITMFC4dbMVRSGcgRDV","tlshash":"e7137346b3202d2a869b61a0663f160bb23a241ce414547d7d79e6de6d7dc8c213ffbc","size":44342,"data":"","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-04T02:08:19.356463Z","times_seen":62550,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":true,"md5":"b40009cf4c11c92e8b43f59bfba562f9","sha1":"52559b6a0ee7b16ec2e77a01a0f9b7a8e914513c","sha256":"f21a5c9f721328c4c1c46ba37356245a58d1f1c028d7545f7174104e0a1efe92","sha512":"db940f2c08988489ad71fa58e64762b5dc576fc3bbca744f37111fcc1974df2637a7084b5780daba41207783c2c2fcae7e3219e3f6ff41fa2cf40af9165da918","ssdeep":"","tlshash":"36d04c6e49f54627411a6c55c1cc4511ab555117a819bdaaf94c50015f4810888e5360","size":257,"data":"","first_seen":"2026-06-09T17:12:17.85042Z","last_seen":"2026-07-03T02:31:13.569653Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":true,"md5":"bbe08fd4a5c5675fb779aa33cfb18cb0","sha1":"418fda44aeb61287a0475471be17243bdd123856","sha256":"679cd0ea4e47228a72bc23ba595f46fcb73de27781bf17360588f0aca2ac532b","sha512":"144cf531bc85a56caf1f8f36a870d1ea121a9ddb0e28f0edcf7916e5f7b1f3c6d1929283b9f8ad044c496ccfb73574a70c1265b5d7d736a585c8bad5b7debb38","ssdeep":"","tlshash":"df610f2db1f3142b19f7a8613beb550c3a387107a488cd4436dd5b084f9b664f4e7ad8","size":3411,"data":"","first_seen":"2026-07-03T02:31:13.570714Z","last_seen":"2026-07-03T02:31:13.570714Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":true,"md5":"51378fa43f892efbc9f68720abf262a2","sha1":"2ee2d26d675771fd68fcef84a2dbda6d305e0f3f","sha256":"1ec2d7f53453ab04863340f6ff20a1f5a1694697ae5a3e043b4a8ad2b0787d4a","sha512":"19ce0eeb6c9090d2cabcd57d5e8e7b97ecdfb34ba92fa71e9c93d7b0ff94a6a40aa644e6ad390228aa9d63e33c476cd1e08a6124e617bdd951421bec6f920bf6","ssdeep":"","tlshash":"f5610eb972ab1851096f74ba439f23402821a017354afe0b3e4d46c12f92d3ed5727dc","size":3191,"data":"","first_seen":"2026-06-09T17:12:17.852719Z","last_seen":"2026-07-03T02:31:13.571648Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"introduction_type":"scriptElement","is_inline":true,"md5":"33cc02c1edd2399388acfaae20777e19","sha1":"2e23e4f253d22ee4fa9302e5839524295b6eadd5","sha256":"0658c2d88193f27a54f87dfab77c476bfa92fe9c1f4545bf0f899469da8632df","sha512":"23e252323214460ea93da22a65fc5c0d03c589ffd09c489c718307cf30fdccb9fb0a3ce1e307def2a9d7c96c217b968ac7965bca5c9dbe2728a49b6b54d69609","ssdeep":"","tlshash":"3be0f13c3c35c0e047a210f480bbf5383d0a30704044d957949ae8a86cf0fca7d01595","size":416,"data":"","first_seen":"2026-07-03T02:31:13.57266Z","last_seen":"2026-07-03T02:31:13.57266Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-v3.smartsuppcdn.com/assets/main-Cbzgowwk.js","fqdn":"widget-v3.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.12","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"dfe560aba1935b8b39c27aa71dc58c8d","sha1":"57ca1d5bc344e6094a43b6b4caafad444e974c02","sha256":"0b7bcba63083ad1debda57e3152b6f65644d8a21fc14bb0fc9bb94e1acb10a0b","sha512":"e4af2de0e4e1a7febb2d879c0a4c1509d8c79b2a44bb7b85fbfab163a3176be3e94513d055341b8a3098c1cf50b16bf8518b1ec7cb44292abc29d8f7b68f895a","ssdeep":"384:8+mNMMmMwhaMaew3LtmBp3dUdhdr7NPCuukhP8ZvxklZBCQrdCfs:8+mQMGaMaewZmBByjhPkkhP8RBQrdC0","tlshash":"6d72e7b42310783f312f581d166ce9867336d198e55390199b2eec4e36cacc5adb3bb9","size":16285,"data":"","first_seen":"2026-06-22T17:07:54.172262Z","last_seen":"2026-07-04T02:00:27.955667Z","times_seen":411,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-v3.smartsuppcdn.com/assets/shared-FggoWQFN.js","fqdn":"widget-v3.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.12","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"d3b9ca5f9f3b05da0401449cc4db4f1a","sha1":"1aa8e99f1cfe2d6776fbae7ef2fde26b2b18db70","sha256":"da0316ae7fe87925382357385427467ab57c40fd0d8659988ebc9545bc3f1fe4","sha512":"4e972657231b7b56ec4f852a2a6e5d11bde9b12cf6a55a723095f48c0030dd66693b08b9b0a4a6f42699f80ee04604a2e0310d59e4dae291d29281028adc5110","ssdeep":"3072:7dkD8hG1K3qO0L+YIjJI4JvGuzJmiJvGIJ4zXwvzSiGrKt3z+F00x61GfNVsIcuR:k8hlqO0LQ7hjPGrKt3kfHsIcuwtkqnQ1","tlshash":"26443ad53294b03543db51e6906f1106f33e5c19580d812cf269ede678baec8a2b7fb8","size":272004,"data":"","first_seen":"2026-06-22T17:07:54.09355Z","last_seen":"2026-07-04T02:00:28.003585Z","times_seen":399,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-07-04T01:30:20.587934Z","times_seen":42992,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"422c7d8cfa8b78375cc7a767d2ae5ca6","sha1":"7df3f287f769c205f1392de3532517d602cd1810","sha256":"57b37d7cae9a27d965fdae4adcc844245dfdc407e655aee85dcfff3a08036a3f","sha512":"0a30f697aff3d0fd675001e5fbf9724ba3705766e9da28de966d84aaa8394ee18cf3f49cf5688d12d51f2a6fc073b3a9a578ed8666404c53399e7abb3b210f61","ssdeep":"768:DBCz6escmy5dIOT2C3KBdoqCHL6POK/5IKXqLWoOAUORrST5GUGz++u3hBpShpJ0:FCueivEqCr6POQDXmWomUtzMBpShpJyn","tlshash":"c023f9e97396b13283ef01b190bb424af33d2994150e5464f669d8ee383948d51f3fba","size":46346,"data":"","first_seen":"2026-04-30T23:22:33.584041Z","last_seen":"2026-07-03T22:54:30.906823Z","times_seen":1561,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"warn","text":"cdn.tailwindcss.com should not be used in production. To use Tailwind CSS in production, install it as a PostCSS plugin or use the Tailwind CLI: https://tailwindcss.com/docs/installation","filename":"https://cdn.tailwindcss.com/","line_number":64,"column_number":1711}]},"http":[{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/brands/7.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.739Z","timestamp":1783045831739,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/brands/7.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:39 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Nov 2025 10:39:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5122\r\ndate: Fri, 03 Jul 2026 02:30:39 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5122,"size_decoded":5387,"mime_type":"image/png","magic":"PNG image data, 204 x 162, 8-bit/color RGBA, non-interlaced","md5":"2d09335e1a594cde8ec118a50f3eed81","sha1":"94bf1db1e081d7a851f20301ef3ea251519e8c72","sha256":"3aef13c75bd3d4c0c72545f4f8bbf6a399c3dfd9fe5bf332a86800cadde5387d","sha512":"01246fce220de690d249e721643a2470108014aab7a16129daec9f353d8cb8b4faa25a739a7ccc8d98d7cff49921756541021f57f3bcc0d6527265117d3394b1","ssdeep":"96:6cPFFFFFFFNTWownjtmOacqRG2yXkunv6d+bP2jTLBHymaHyifEbsefFFFFFFr:tyostVqczk2yd+bePlHtaSiqsej","tlshash":"32b14cd9add5a864c6a93b1301d710c4e5c8333aaa00947d3b486cbd2ebd56276dc0ba","first_seen":"2026-02-17T05:07:17.466862Z","last_seen":"2026-07-03T02:31:13.525664Z","times_seen":26,"resource_available":false,"data":null}},"time_used":8055,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8055,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:32.294Z","timestamp":1783045832294,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8000\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Jun 2026 06:02:51 GMT\r\nexpires: Wed, 30 Jun 2027 06:02:51 GMT\r\ncache-control: public, max-age=31536000\r\nage: 246461\r\nlast-modified: Mon, 15 Sep 2025 16:33:57 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":8000,"size_decoded":8812,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8000, version 1.0","md5":"72993dddf88a63e8f226656f7de88e57","sha1":"179f97ec0275f09603a8db94d4380eb584d81cd5","sha256":"f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149","sha512":"7c20165f9d22a86341e841fd58526209017dcde2afe2d0d2a89fe853d95dc69f658d25cf798c71f452dab09843fc808c1ae87a60b1284134163abf5a1d93e50a","ssdeep":"192:GDonmfrEdXT8WrxzRXwyQo3zGEOM7Y2hOMgWnsfYSjv4ENFGwrlKJ:8onPxTzjgyQSzLPXOTIYHJAJ","tlshash":"08f1b0ffa92456c4df692475a5044f27623652b4dd35cb2f496f3e12d2d74224bcc4c1","first_seen":"2023-04-05T18:53:14Z","last_seen":"2026-07-04T02:09:36.912159Z","times_seen":268085,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":22,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"wss://websocket-visitors.smartsupp.com/socket/?EIO=3\u0026transport=websocket","fqdn":"websocket-visitors.smartsupp.com","domain":"smartsupp.com","tld":"com"},"ip":{"addr":"18.193.195.62","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:42.627Z","timestamp":1783045842627,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.smartsupp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 24 Jun 2026 00:00:00 GMT","end":"Thu, 07 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"4F:1A:3B:79:00:E3:DC:1F:92:62:7C:DC:85:3A:BE:8C:D1:68:F2:57","sha256":"7F:93:E6:29:5D:CA:78:BD:30:0D:25:11:3B:E2:01:C9:DC:80:3C:80:90:3F:84:D2:72:1B:0D:42:F1:20:13:D9"}}},"request":{"raw":"GET /socket/?EIO=3\u0026transport=websocket HTTP/1.1\r\nHost: websocket-visitors.smartsupp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 0x5jFa+0uRFwP9uxZO+AUA==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Fri, 03 Jul 2026 02:30:42 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: feGXGGWyu+7hVTHOb2OKKWO3HWE=\r\nSec-WebSocket-Version: 13\r\nWebSocket-Server: uWebSockets\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":null,"data":{"size":0,"size_decoded":224,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-04T02:16:40.778872Z","times_seen":16959239,"resource_available":true,"data":null}},"time_used":481,"timings":{"blocked":0,"dns":106,"connect":124,"send":0,"wait":226,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.693Z","timestamp":1783045831693,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 May 2026 14:31:45 GMT","end":"Mon, 17 Aug 2026 15:31:39 GMT"},"fingerprint":{"sha1":"B6:67:6F:5A:BE:B9:2A:B2:16:10:49:96:1E:1F:99:2B:44:AF:EA:A6","sha256":"63:A9:BF:FB:46:E0:B8:37:95:77:F3:63:84:AE:78:22:46:11:85:5E:DF:87:F6:4B:EF:F2:2E:24:D5:74:70:39"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 \r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::lgj2q-1783045602230-7595de77907b\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 229\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aHW6aq84FyuuoSdsOuoj9Co4AGXR7AxgBZec4UySQvM9EbDYuzyvPBQwQdX4AgRIGRv2mDMmSjqw0mmjZ5sr%2F4hjPoSDaeDE43XqZScrEc1rDoD1pLAmxkrzoYIIKRTMo1xJ48A%3D\"}]}\r\ncf-ray: a15278003af40731-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-04T02:16:40.778872Z","times_seen":16959239,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":3,"connect":2,"send":0,"wait":5,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.6.0.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.1.155","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.706Z","timestamp":1783045831706,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 20 May 2026 00:00:00 GMT","end":"Fri, 04 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DE:F8:0F:C4:8F:BC:F5:01:B1:66:91:CC:15:DC:D8:6E:5D:2F:45:4E","sha256":"05:8E:2E:14:85:E2:41:28:F5:18:A4:37:49:31:2B:0E:24:53:64:3F:02:15:BE:63:EF:F4:B8:53:5A:8B:6D:29"}}},"request":{"raw":"GET /jquery-3.6.0.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-15d9d\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nage: 574910\r\nx-served-by: cache-lga21931-LGA, cache-bma-essb1270027-BMA\r\nx-cache: HIT, HIT\r\nx-cache-hits: 375187, 60275\r\nx-timer: S1783045832.747035,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":89501,"size_decoded":31516,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"8fb8fee4fcc3cc86ff6c724154c49c42","sha1":"b82d238d4e31fdf618bae8ac11a6c812c03dd0d4","sha256":"ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e","sha512":"f3de1813a4160f9239f4781938645e1589b876759cd50b7936dbd849a35c38ffaed53f6a61dbdd8a1cf43cf4a28aa9fffbfddeec9a3811a1bb4ee6df58652b31","ssdeep":"1536:DjExXUqJnxDjoXEZxkMV4QYSt0zvDL6gP3h8cApwEIOzVTB/UjPazMdLiX4mQ1v9:DIh8GgP3hujzwbhd3XvSiDQ47GKn","tlshash":"069309ddb2c6702257a720ba007f510bf236199d6c4d8450f169d8eabc78a4e827bf7d","first_seen":"2023-03-07T01:02:13Z","last_seen":"2026-07-04T01:43:19.328756Z","times_seen":486854,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":9,"send":0,"wait":9,"receive":3,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/storage/app/public/photos/9PABTCzNibDWnXVTuoLTKWTQ3PMjRy9o6ZIhG0vB.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.719Z","timestamp":1783045831719,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /storage/app/public/photos/9PABTCzNibDWnXVTuoLTKWTQ3PMjRy9o6ZIhG0vB.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2026 10:10:31 GMT\r\naccept-ranges: bytes\r\ncontent-length: 167917\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":167917,"size_decoded":168362,"mime_type":"image/png","magic":"PNG image data, 1000 x 497, 8-bit/color RGBA, non-interlaced","md5":"235cac5276918421e97e03782364488f","sha1":"c348f9cb3c579e92e8206763160141dee160573c","sha256":"8a73c2df54aa6f3b2b6f00ed0afa096917afd1124509b83bede3cc35d0084341","sha512":"7acb2e0183c57a38b90d53d5dcbe8f44e54f4f45eedd9c569e85af8c9feebda55356f6e51aa9ec5a167dc7f95b9cbd66e3b371a6239ed52bae4f12d4bbcc2253","ssdeep":"3072:EKAEYXTjOZLV0agGGogFDKEOBdNfTgSJyYuQ/AplmoNmtbyPyYr7w:OmB6IXgBTOBESFuQIGQmlIyYrU","tlshash":"80f3125f12b8e0609fa3927b854baf8b4de317ff72c914c8ea561c3ca660f5549ac205","first_seen":"2026-07-03T02:31:13.527969Z","last_seen":"2026-07-03T02:31:13.527969Z","times_seen":1,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":454,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/assets-blob-1.svg","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.723Z","timestamp":1783045831723,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/assets-blob-1.svg HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:31 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sat, 15 Nov 2025 10:39:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 588\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1169,"size_decoded":901,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2750e3cf860c0b88dad28074e75cd72c","sha1":"abbca57b80735f869fcf03879a79ef72cdcfc29c","sha256":"9c75ff21b0a93feba2e940cc4834b5587b11c01a4046175c1b83d2b5fbf7ac14","sha512":"b97318f3101fb5bea1352f06b5eb01d5bee3c70ff0abf478f5662ef109ff95fe2b48ab29f97df930cfc255baca804a52e96ff2820f4aeb9d5b655d1c5f1bd5fd","ssdeep":"","tlshash":"ef21f374c7f9a82ae16881b8f795c061582280c7c5918295b09e6b950f16d53cc1f1ec","first_seen":"2025-07-12T14:41:03.048844Z","last_seen":"2026-07-03T02:31:13.529008Z","times_seen":27,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/main20.jpg","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.725Z","timestamp":1783045831725,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/main20.jpg HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:31 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Thu, 25 Jun 2026 18:43:53 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1516947\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1516947,"size_decoded":1517216,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 6240x4160, components 3","md5":"4b2c841f432323fed7952f87d1ded75d","sha1":"de32966f9c5d8c03e6e9d39f8989e4d4c0013500","sha256":"a93d3ba0ab96652ad8cbe9b76571b0fbb59f495915a1275a4d546bc4a95cc7cd","sha512":"2dde75e272202d57a2995589378d2c86ae5097d51d1d2e026191a64965ddd57b78fc2a65dbedc6c1b43449894f658900ad5052af8848bd92c4ae4f5daf8b7618","ssdeep":"12288:kSXW7qUvWOijJqLle8N6RnMrHEsAE1qDOkBCXqqqfXN93IRX774I/0Wb1ySReTdr:k8yqoLlOSdAExijIh7so0aQl1BvZRmev","tlshash":"85252327d758d1a7c0bd977020cb7b2d7f57897a83aa1503576102b63eb2728bc39790","first_seen":"2025-11-01T04:04:14.447326Z","last_seen":"2026-07-03T02:31:13.529566Z","times_seen":9,"resource_available":false,"data":null}},"time_used":863,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":771,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/brands/4.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.736Z","timestamp":1783045831736,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/brands/4.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:39 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Nov 2025 10:39:38 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5068\r\ndate: Fri, 03 Jul 2026 02:30:39 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5068,"size_decoded":5333,"mime_type":"image/png","magic":"PNG image data, 181 x 120, 8-bit/color RGBA, non-interlaced","md5":"4a708062600f9033950f8a304eeb3f2c","sha1":"e76b1165c2296545d8c59ad6c57308fc42fdbcd4","sha256":"32b486eff50d726c4c1c1d160f9ea9072a6b1a5938f8d2b3a6550d9fef835d4c","sha512":"fafff48380cb8912b1006b422f4c4deed5e9ff938018944c487d4e2cad6996dda0d05fbd4c468e3a215ee472ed43e0ac266caabf0b55604dcbe4b3cf798d97a4","ssdeep":"96:tj9QLJtfqP/GZbjs8MywYH6XlrQSL3vA+fj847PpjquWb:tBQLJ9oyfsJyfHW2yvzLrqu8","tlshash":"f0a11aa038fb0a940ddfa12957f6fb23072e2db2446579957671837c12c5ef026a2552","first_seen":"2026-02-17T05:07:17.480172Z","last_seen":"2026-07-03T02:31:13.530786Z","times_seen":26,"resource_available":false,"data":null}},"time_used":8060,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8060,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/brands/6.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.738Z","timestamp":1783045831738,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/brands/6.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:39 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Nov 2025 10:39:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 10215\r\ndate: Fri, 03 Jul 2026 02:30:39 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10215,"size_decoded":10481,"mime_type":"image/png","magic":"PNG image data, 243 x 162, 8-bit/color RGBA, non-interlaced","md5":"9045a79a606ba5d90b42658626d09fdd","sha1":"7ede97a4e4d08b0e24c22e32316e3fa68262bf48","sha256":"7fdfd68d77210df2736913ce6c61d437c1f65c5b2f64aa0a2d4ed8d85440742b","sha512":"307a0c8c71da16df8ee52d3cc34a3ddf384cec7efc4540bf41d5af71e712d9db99c99676d213d0948d9eb2e232c4c55054108ea6f1d3233bf3bc02bb4810d8d0","ssdeep":"192:yw9V0P7oKwVNlfqWXNR3QPPnCYvcwqd26hMLTTQUD8L00L6jv/B:79V0Pl05YNLTTPoLjLav/B","tlshash":"eb229feda693c8d69a820a074cac2c0bf5133e647dd34776f968b3497ccde427300258","first_seen":"2026-02-17T05:07:17.473566Z","last_seen":"2026-07-03T02:31:13.531352Z","times_seen":26,"resource_available":false,"data":null}},"time_used":8056,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8056,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"172.67.68.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.864Z","timestamp":1783045831864,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 19 May 2026 14:31:45 GMT","end":"Mon, 17 Aug 2026 15:31:39 GMT"},"fingerprint":{"sha1":"B6:67:6F:5A:BE:B9:2A:B2:16:10:49:96:1E:1F:99:2B:44:AF:EA:A6","sha256":"63:A9:BF:FB:46:E0:B8:37:95:77:F3:63:84:AE:78:22:46:11:85:5E:DF:87:F6:4B:EF:F2:2E:24:D5:74:70:39"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::bj55r-1781146628084-40ce7f37f405\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 1899203\r\nlast-modified: Wed, 01 Jul 2026 01:49:34 GMT\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xBMz8%2B3S7q0vhMRRsHr2Lrg%2BPpg3xbYCWEcQszUpsp8xAZAvUgnmUmsOVYeUBNXP4DT2nBuAk522zxwhIHHj%2BatQF0kHdYFypV0v4N7U5X9nky3SbvAfEBeZfYPoI83bJIaiiI8%3D\"}]}\r\ncf-ray: a15278012c380731-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":407279,"size_decoded":127120,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-07-04T01:30:20.587934Z","times_seen":42992,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-brands-400.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:32.287Z","timestamp":1783045832287,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.5.1/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Fri, 03 Jul 2026 02:30:32 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\nlast-modified: Fri, 01 Dec 2023 00:32:25 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 31254\r\nexpires: Wed, 23 Jun 2027 02:30:32 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t7mcWdTDcR3HRWHxe9jBNlOtz%2F5AgHZFVuBJbK6CePrquI7ARqWQ22XHHdx2fRVL1hNI1XtZCtcq4s5CgLiJlvMFIA4cOMorZdpv%2FsBBHZ6W%2FpxpMij%2FYyrxN09tnDvL8IlUNPPk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a1527803ce940b4d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":117372,"size_decoded":118341,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 117372, version 773.768","md5":"b6356c957274676e6571c1ff5e11c9a8","sha1":"4022f95e001d734ca8f082b8e7627abd205609ec","sha256":"3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490","sha512":"83de79c74480fafc62cdac4012ff2a129d8701772ee16216c3d9488826ac21a9c2f8a416fe3208a61bfea7e12c24ac1cc2d26f6d22bd2b0ba39a22d630238b59","ssdeep":"3072:U3JKgVzg5ybfXYe5W59JPQaPWKSsx/DBMnVnqedkAFqPQTzIBIOK2vDMF:IVM5A5GJPQaH/NMtBkAvcnYF","tlshash":"c4b312f88b7ac9a5e304e67b55e4613555a0aec8b180f35453be7c2c221e10dc67afe3","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-07-04T01:49:36.461112Z","times_seen":26435,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.smartsuppchat.com/loader.js?","fqdn":"www.smartsuppchat.com","domain":"smartsuppchat.com","tld":"com"},"ip":{"addr":"185.76.9.27","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:32.302Z","timestamp":1783045832302,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1161431244.rsc.cdn77.org","organization":""},"issuer":{"commonName":"YE1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 14:34:49 GMT","end":"Wed, 02 Sep 2026 14:34:48 GMT"},"fingerprint":{"sha1":"77:06:42:CE:73:9F:CA:05:A3:6E:99:99:F2:3F:B7:EE:E4:60:E9:29","sha256":"E7:6E:68:C5:CD:6C:F6:14:84:A0:18:1A:D7:94:77:7A:28:F6:67:8E:90:58:94:AE:3A:65:6A:B7:95:0F:5D:1B"}}},"request":{"raw":"GET /loader.js? HTTP/1.1\r\nHost: www.smartsuppchat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 02:30:35 GMT\r\ncontent-type: application/javascript\r\ncache-control: max-age=300, public, s-maxage=60\r\netag: W/\"6a2663cd-4668\"\r\nexpires: Mon, 08 Jun 2026 06:46:12 GMT\r\nlast-modified: Mon, 08 Jun 2026 06:40:13 GMT\r\nx-77-nzt: k7Zb6ayR/WdZmg86q42avUFdc3H1vyd4IRiBwlqJG81qaBr6edasy+4y7AGQq0ulhZ09JEU\r\nx-77-nzt-ray: fdb541234aa012fbcb1e476a0c768825\r\nx-77-cache: HIT\r\nx-77-age: 30\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":18024,"size_decoded":6042,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (17951)","md5":"218d24439d4e2c0990f35338a7ac220c","sha1":"5a7b913584c1244bf61beab9dc644204d130101c","sha256":"efb497f7159de26ea5e0521d675d909dc063e36d0d23c2ad96fa9109b73ee263","sha512":"17af39bfdc350c9d1f8dd74652641d0c028881ecb3935d2d9fdb763d24136665d135d00219aabac57693112e2314d4fa91b802ba2662a1580aa35c5e0b6e624b","ssdeep":"384:2/xzy2A3wyxNeBWbEgl/EuVaBWbE0rIcvqSI/aQ/UpG:2/xzy2A3wXscuVaAxka05","tlshash":"4182b7cc7691b16543ab61b4843f620ff1376929740d8865b965eae13cb8c8ed037fb8","first_seen":"2026-03-30T19:01:55.527327Z","last_seen":"2026-07-04T02:00:27.989272Z","times_seen":4152,"resource_available":true,"data":null}},"time_used":3330,"timings":{"blocked":-1,"dns":33,"connect":8,"send":0,"wait":8,"receive":0,"ssl":3280},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/storage/app/public/photos/EVsOFogsZPITQTV0nXYWN3WD8Ly9piZRvoAJY1EI.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:33.370Z","timestamp":1783045833370,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /storage/app/public/photos/EVsOFogsZPITQTV0nXYWN3WD8Ly9piZRvoAJY1EI.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:34 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 30 Jun 2026 09:58:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2440\r\ndate: Fri, 03 Jul 2026 02:30:34 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2440,"size_decoded":2705,"mime_type":"image/png","magic":"PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced","md5":"78eed42cd64fa42934ef79210bed8116","sha1":"faffde2f6ab1e38163155bd7c5c7f5fd1c6d744d","sha256":"20766e6cef215f3b892746fd1aa1cfad148bb24e2d2ee882ebcbd7664d562f96","sha512":"936af0be893fb0415a0f22540c18f58c5d533d8dd9962fad0b35398b5c05695c6467f9fdf763f71d5c92b6d0ab7b687b8508b04363d15cd7e6db2dafce44db1e","ssdeep":"","tlshash":"d051f90578568109ccdeba0d309902cb69fb25514d97f69901e773ecbab7a0cccfb152","first_seen":"2026-07-03T02:31:13.533658Z","last_seen":"2026-07-03T02:31:13.533658Z","times_seen":1,"resource_available":false,"data":null}},"time_used":976,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":976,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bootstrap.smartsuppchat.com/widget/c7362dcf4788fcce3bf8437c737304df59e88dcc.json","fqdn":"bootstrap.smartsuppchat.com","domain":"smartsuppchat.com","tld":"com"},"ip":{"addr":"63.186.62.35","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:35.669Z","timestamp":1783045835669,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.smartsuppchat.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 02 Dec 2025 00:00:00 GMT","end":"Wed, 30 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DC:47:26:FC:2D:4B:14:19:23:BC:B7:70:14:DA:60:A6:21:B0:1E:81","sha256":"0D:5E:FD:70:25:9E:DE:DD:47:CF:0C:58:1C:08:A2:A1:05:AC:A6:7E:0C:43:6F:50:E7:49:E0:A1:60:D0:0E:0F"}}},"request":{"raw":"GET /widget/c7362dcf4788fcce3bf8437c737304df59e88dcc.json HTTP/1.1\r\nHost: bootstrap.smartsuppchat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nContent-Type: text/plain\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 02:30:35 GMT\r\ncontent-type: application/json; charset=utf-8\r\nx-version: 6cb79abf75047496934c7756b55ec6f26e7d2373\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: private, max-age=0, must-revalidate\r\nx-hit: redis\r\netag: \"4c3-pi38YXoJ+Gh8KY0KIrVCVq/hyhU\"\r\ncontent-encoding: br\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":1219,"size_decoded":883,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"77f3208f0a09e466ee1b986adb47c8f5","sha1":"a62dfc617a09f8687c298d0a22b54256afe1ca15","sha256":"91a17bbfd2bd79d8531b8f757130530f76cac8fabbde2bf36a4086581c3b336a","sha512":"c305c80dd01a0dcc6bbab5944d97dba93ada164a9f6e9702bb420735ec8a9c4c1126d4102cce965e59cf109e96aaefa97ae37e7c18997e11d4efd867005139f9","ssdeep":"","tlshash":"5321426d4a6822fe9245c6d6c5047f035abcdcb37100397eea0d0a0d60eb2a6213646b","first_seen":"2026-06-07T07:17:39.486436Z","last_seen":"2026-07-03T06:48:26.76077Z","times_seen":47,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":0,"dns":2,"connect":22,"send":0,"wait":24,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-v3.smartsuppcdn.com/assets/style-C7D7IPLZ.css","fqdn":"widget-v3.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.12","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:39.116Z","timestamp":1783045839116,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1857279285.rsc.cdn77.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 14:34:45 GMT","end":"Wed, 02 Sep 2026 14:34:44 GMT"},"fingerprint":{"sha1":"92:5D:A0:17:13:91:72:7B:B6:8C:6A:7D:A9:55:7F:C8:A9:47:11:99","sha256":"0E:FC:E3:4D:AD:32:B2:11:05:DC:E3:CD:CC:9E:10:DC:C5:2D:9E:1C:D7:C1:9C:00:92:15:43:C5:B7:0B:3A:D6"}}},"request":{"raw":"GET /assets/style-C7D7IPLZ.css HTTP/1.1\r\nHost: widget-v3.smartsuppcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 02:30:39 GMT\r\ncontent-type: text/css\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000, public, immutable\r\netag: W/\"6a39150b-8d34\"\r\nexpires: Tue, 22 Jun 2027 11:00:05 GMT\r\nlast-modified: Mon, 22 Jun 2026 10:57:15 GMT\r\nx-77-nzt: kyL1VwW/ltHeGj1qr1dKq5iiLU+0h6uR2RlpgeU4HNihQxhCYxgYYSA05FKuD2n1cixfGq8\r\nx-77-nzt-ray: e2f754204b82de55cf1e476a5c7d3807\r\nx-77-cache: HIT\r\nx-77-age: 919811\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":36148,"size_decoded":8199,"mime_type":"text/css","magic":"ASCII text, with very long lines (36135)","md5":"a41094383649c1003556ef0599afd4fc","sha1":"3649509b0ec58e47b5a30523e597e96786c2b95c","sha256":"b960463003401b5f238074891f7c37cf2d1302eb9b105d60a25161914b8aee67","sha512":"7fcac7b5ef202e712563bcd23fb508ca596a95aa536607104dd060a8412cd1582c557c349d841f707c7e4d3800272b6c2685a01b98c0d0ae8643945cf49e635a","ssdeep":"384:F8fY2l091g7Tc6/WYtGLadKzSVX8Kj6+rZcrNSN56qB56YR9evZLLq51vZLLq5G:F8wM091gTcCWYtG4XHcrNSN56DwQ43","tlshash":"aff2966daad9093dac23c179e3f8e58c911af5d5df3226daf74239008ac17ff0986514","first_seen":"2026-06-22T17:07:54.19771Z","last_seen":"2026-07-04T02:00:27.983684Z","times_seen":399,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"translations.smartsuppcdn.com/api/v1/widget/translations/lang/en/defaults","fqdn":"translations.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.11","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:39.240Z","timestamp":1783045839240,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1087630013.rsc.cdn77.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Jun 2026 14:33:02 GMT","end":"Tue, 01 Sep 2026 14:33:01 GMT"},"fingerprint":{"sha1":"CE:B9:32:81:E9:D2:46:C8:31:53:55:D3:41:19:F7:94:91:30:D1:93","sha256":"54:C9:41:2F:97:E8:14:28:D7:2C:4F:FA:E0:C3:3A:BC:85:F8:14:22:1C:98:23:82:53:4D:5D:58:C9:0B:C9:68"}}},"request":{"raw":"GET /api/v1/widget/translations/lang/en/defaults HTTP/1.1\r\nHost: translations.smartsuppcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 02:30:42 GMT\r\ncontent-type: application/json; charset=utf-8\r\naccess-control-allow-origin: *\r\ncache-control: max-age=600\r\nx-response-time: 0ms\r\nx-version: c4b9b8d0c31c1dd2975ba8f40325cc536835e186\r\nx-77-nzt: kzH0jFG3HccBVLf/Hwu6gMY0ALIt/0DisPWMNuX57+2q/piuilvKkY5l/7iwwg9uFQrk1ug\r\nx-77-nzt-ray: e2f75420958e9c70d21e476a82164522\r\nx-77-cache: HIT\r\nx-77-age: 307\r\nvary: Origin, Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":7216,"size_decoded":3346,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"05d7604a60456ab25eb809557b353edc","sha1":"e32135b721636e7994e42748da35341e03dfd123","sha256":"5892aca834fe3f9f8fb66f68c8a3eb2295708a3b428cf355d7f3e3c1a0b7b62e","sha512":"db4124c008e22597192e1f07b44575ff191a03322f763bffb1efd129152e0f6f1546d98f5016967b32cc71a8252fefc0546aef0be258e8343fbba4ae2afe00da","ssdeep":"192:Ccdft/hc4l6WKHSY8pZcqq+jT0UHAfoW/Ymz8:CgF/hcbWbYKZcF+jhqoWQmw","tlshash":"48e1b54f9a144ea987c6438276cfb84675bc80734250993afd8cc8b842697cda3e3b94","first_seen":"2026-04-01T12:23:41.393805Z","last_seen":"2026-07-03T23:11:08.115456Z","times_seen":2709,"resource_available":false,"data":null}},"time_used":3337,"timings":{"blocked":0,"dns":34,"connect":8,"send":0,"wait":8,"receive":0,"ssl":3287},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-03T02:30:30.381Z","timestamp":1783045830381,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nx-powered-by: PHP/8.3.30\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-cache, private\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\npermissions-policy: geolocation=(), microphone=(), camera=()\r\nset-cookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; expires=Thu, 24-Sep-2026 10:30:31 GMT; Max-Age=7200000; path=/; samesite=lax; secure\nqtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D; expires=Thu, 24-Sep-2026 10:30:31 GMT; Max-Age=7200000; path=/; httponly; samesite=lax; secure\r\ncontent-length: 9344\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"jQuery:3.6.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50343,"size_decoded":10924,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (336)","md5":"b59d649b38afc2573dda4ed2c2a4545c","sha1":"5542c670ece9702c6becbeaf8879eff732d16af0","sha256":"e716986b1e4717dc2757d6c9c880216edfd380bdf34ffb91225130e8d2819711","sha512":"4bbb1ea3e6d4b3cf2fcdf4e3cec089131631fdac26a2ac26e595af785d81f1162f9d74c50c0256c06bdf4d7483dbe88cf679095d154c2fa4cc5e92e0b7e568db","ssdeep":"768:yi5sr+0TKXgbhRR9V96T0QBZooyfig0RMImJObOROgFS9hp7lPu:VK1vLEbBppPu","tlshash":"e433533422f215b70593c5a4b6a1ab1ebfa9ea47c50fda4873ac47825fc7c42cd53368","first_seen":"2026-07-03T02:31:13.536223Z","last_seen":"2026-07-03T02:31:13.536223Z","times_seen":1,"resource_available":true,"data":null}},"time_used":761,"timings":{"blocked":-1,"dns":285,"connect":65,"send":0,"wait":322,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.699Z","timestamp":1783045831699,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 845\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Mon, 04 May 2020 16:04:00 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 4114\r\nexpires: Wed, 23 Jun 2027 02:30:31 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uL18E6S%2BJraifqkLGtNXIny8r2BmUy7m7hV1%2Fs4%2F6CAWnSr6rGNPU3OZkFq45uZfPDtD%2BDKHa994mpjErZbWIAdyhPhov6zyvRLoeeKh%2BZN9Qxs565Indx4nstVY8okCwpmKCWNF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a15278003ed7b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3351,"size_decoded":1864,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (3184)","md5":"b2752a850d44f50036628eeaef3bfcfa","sha1":"fba46353cf90450ef3d362a123f1e7af3e8c561e","sha256":"521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc","sha512":"b52dd2e6a1b40658674113b2257bcd8de10ce14a4c5c7ad07d31a66d0d602a67a50b195210151ac614418ff1054f3a5b3f84554aba448a46e6749a1b0af844de","ssdeep":"","tlshash":"9161bbe5314a225f480f83121dd81e86393dcc52d8660a5a92bbd71447dae6d213ffcf","first_seen":"2023-04-05T13:49:19Z","last_seen":"2026-07-04T02:08:19.403044Z","times_seen":40569,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":1,"connect":16,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.701Z","timestamp":1783045831701,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 331\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Mon, 04 May 2020 16:04:00 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 12876\r\nexpires: Wed, 23 Jun 2027 02:30:31 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oLg6x7RdZyWlyFJF35lmkIuWf9qa6oRyhk6BlGBLkC8xdjgfi%2FNS1T7zZHNDryY0H%2B1cScBhk%2BHhQgslbwzz8RoYfGZw5hTy1RzIajRhxX%2BIXFAX8bKxU%2FemBBeLMbx9R6ehqBmN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a15278003ed8b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1013,"size_decoded":1351,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (846)","md5":"594b81805a98b267e47c70a8fad30d9f","sha1":"684d84ec40b305ca14efc88c91f12972cb6342b4","sha256":"924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac","sha512":"b0c5ed30d2f5cd1ce894760a12e8ccd80a822d447d1760b8ff4e5c75bc638cb491bcc40872210f090668fbe9e4ee0a3706d4ae2bd91f6bfb3e6b87f88b9a4b93","ssdeep":"","tlshash":"4d11abc5f189221d301781904aa842cb6b1e687e529d0ef5f8ee8160c22dd053a6fbf9","first_seen":"2023-04-05T06:03:14Z","last_seen":"2026-07-04T02:08:19.3553Z","times_seen":25061,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/heros.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.721Z","timestamp":1783045831721,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/heros.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Fri, 23 Jan 2026 11:27:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 779555\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":779555,"size_decoded":779822,"mime_type":"image/png","magic":"PNG image data, 2113 x 844, 8-bit/color RGBA, non-interlaced","md5":"c9e6bb2f1461cb53e4f0ca62da7758d3","sha1":"c099fa5f056b84d6e4d1c90fd6e4b5e74f37bd1b","sha256":"0a8077685928582ebfee557b720ae1220b9b8644a4a3c0ce1d72e290b2307524","sha512":"a406922337d3c7088f67c95a808139e534275155fe87b256b0e2e8d28b2c1333823fa0f8c9e5bfda5b5d17730bf3c0a4a8285fdbc5d1b5ac14b802570648ab79","ssdeep":"12288:1TKVlHcaMK6YqSg3G2M00JzFxZs8nj/lZKR4pKpX8dwFAgabzUXbM3U4OxE:FGcaMKmSgW2mTxZ5j/lZRpKpX8dwwPU6","tlshash":"a9f423e487348d772c6ff778c3a5e831c2673a838a1151f5117ada6dd497bd0caa4b80","first_seen":"2026-02-17T05:07:17.470692Z","last_seen":"2026-07-03T02:31:13.538615Z","times_seen":26,"resource_available":false,"data":null}},"time_used":743,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":672,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/smaller-not.webp","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.729Z","timestamp":1783045831729,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/smaller-not.webp HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:31 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 15 Nov 2025 10:39:18 GMT\r\naccept-ranges: bytes\r\ncontent-length: 73404\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":73404,"size_decoded":73671,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8de5e4d7b9afcef8952ce01d4fba4653","sha1":"df45eaea767bab390ae18df88617b8b4bda8363f","sha256":"02f3b38ba115d7f1a45466c21bd62c5328d0fb62bca0084dad6436abb8481118","sha512":"a1e18925d9c5a9bd159f6625de061c02dd2c2ee6e034bb7eaabb89ed6c8f219d9d0d3fcbe1d1dfd5fef380b89cfe777d9199481e27f90449b2be5fb7a106e56a","ssdeep":"1536:s4StuNq7oNm/OX0FH4ryKHR+hhigRoqZgZuymtVu95ar0Jtr:sfUPmdiLR+mgRNZgcymm9443","tlshash":"d77302234b0d17a4ee48117b35af7ebefa13576eaf7e4300568035788ab6513b306638","first_seen":"2025-03-09T08:12:08.830284Z","last_seen":"2026-07-03T02:31:13.539139Z","times_seen":28,"resource_available":false,"data":null}},"time_used":426,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":301,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/landing-page-cover-shadow.svg","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:32.244Z","timestamp":1783045832244,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/landing-page-cover-shadow.svg HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:32 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Fri, 23 Jan 2026 11:46:10 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2053\r\ndate: Fri, 03 Jul 2026 02:30:32 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":12674,"size_decoded":2367,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6151920e51c7db920417439dcc0f20be","sha1":"ae75326900519fe03d670f71d46fd20f807946c1","sha256":"85b987808954d2856a9f9107b5730bb05a2db768acd671392a7769df2593cbb9","sha512":"26347728bd36c4e017b47b9d5e6daff201da6767ff7ec21ef726536fb5ab8b2da65afb9b050a2fb6b7afd9fe891ad5f20d54073d1c8f4fa94879b8c18d3779da","ssdeep":"192:PT58Dx/II8l/GSkcLya7ozKKWOJzVhvCGi7s:P189AIgG7w7ozKKWOJzVh6GiA","tlshash":"be4236edf6f2a84978ab0278ffe96493301191ee8301424af07d7a765512ec6ac7d3c4","first_seen":"2026-03-04T04:56:33.035795Z","last_seen":"2026-07-03T02:31:13.539666Z","times_seen":24,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:32.281Z","timestamp":1783045832281,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 28 Jun 2026 10:12:28 GMT\r\nexpires: Mon, 28 Jun 2027 10:12:28 GMT\r\ncache-control: public, max-age=31536000\r\nage: 404284\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":24836,"size_decoded":25649,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-07-04T02:09:24.036258Z","times_seen":30688,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":30,"send":0,"wait":26,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:32.289Z","timestamp":1783045832289,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Fri, 03 Jul 2026 02:30:32 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\nserver: cloudflare\r\npriority: u=5,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\nlast-modified: Fri, 01 Dec 2023 00:32:25 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 15574\r\nexpires: Wed, 23 Jun 2027 02:30:32 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vl5rQxRhgF52TKr2v9m7Vir0PAT5raOQXfp0CvBr%2FAQyKHgIs6EpUXVXQCwLPcXJg92qrcQjKIA3Kj9GLR%2BYAftCrHpZTZ%2B3FYvT7VmbZVKWIe1cKDfaBOpdYEgtQHD7F8g9hRdU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a1527803de950b4d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":156496,"size_decoded":157463,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 156496, version 773.768","md5":"6c4eee562650e53cee32496bdfbe534b","sha1":"1aae708e3b94ee981b452a918d28ed037fbb5e18","sha256":"9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2","sha512":"ebcb5a2e2a908228f77ecd03b45491778cad73ddc39fa3a6334b129aaf9fa36c16c0307aeaad74d77f616b5b34aac52d91e9f4816945253dc9a826ddd71f4d12","ssdeep":"3072:OvM6gZMLmY8uGpjVnlooQ+GQs8jic0f/KkMdE:OU65LoP5QSsuic0f/cdE","tlshash":"8ce31200d620498d9978fd5b2a1fa1ffa7a939c95ed210bad3c30cb93257143bbc2556","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-07-04T02:07:59.66414Z","times_seen":44916,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.698Z","timestamp":1783045831698,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.5.1/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Fri, 01 Dec 2023 00:32:25 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 17677\r\nexpires: Wed, 23 Jun 2027 02:30:31 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VdpoFz98WWwzKVD8MM%2BFfnwI3yegAJ2xzXmN0cWhY7mdCo%2B3GC8ftQuqSo3No%2BvU2AZvwHt8Ty8VI4KQzD3v6sEL1omo32o%2FLzfgsirmhwcmb7gquo4%2FLMqT2Nrq%2Bfk6bnuSDi31\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a15278003ddd0b4d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102641,"size_decoded":19840,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"9402848c3d4bbc710c764326f8b887c9","sha1":"b6e555166eb1381392e00adcde9bf8863f16ff01","sha256":"c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7","sha512":"0d33903bd456087de9a46a9c59a100d41219382eb1c5a97012cc3d73641078021fb65f957a0a2f96779ed5cf505f84dcb6758c9f5dd36727be822326f1ed8bc0","ssdeep":"1536:iwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPG9ZpgSLCJ:O709gMGFiyPG9ZiSLCJ","tlshash":"79a3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-12-02T04:06:15Z","last_seen":"2026-07-04T02:07:59.840341Z","times_seen":31283,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":2,"connect":16,"send":0,"wait":13,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/brands/1.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.730Z","timestamp":1783045831730,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/brands/1.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Nov 2025 10:39:38 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3511\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3511,"size_decoded":3776,"mime_type":"image/png","magic":"PNG image data, 193 x 109, 8-bit/color RGBA, non-interlaced","md5":"bb47be56e1776f45a17a54b4cd35e36f","sha1":"67b9975efb13cb03a5828aa4548cecaf3db6e008","sha256":"e27d3e9a4db3049b834c7278529d69fc9c7a89f42c1deaa2fea7872a9514b24c","sha512":"b32407dc053101f4c3420869069724074b421ba45e7ede930538f1993865766760fb2a92c607b7c0f2f190b912cd8f3a46623f629fb5eafc3cc33f9e19013d49","ssdeep":"","tlshash":"c07129e560c180e4a602d8b151c7111044127c77386bbaff2a3bf9c6a7edaec139ac58","first_seen":"2026-02-17T05:07:17.485905Z","last_seen":"2026-07-03T02:31:13.542829Z","times_seen":26,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/brands/2.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.734Z","timestamp":1783045831734,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/brands/2.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:31 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Nov 2025 10:39:38 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4332\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4332,"size_decoded":4597,"mime_type":"image/png","magic":"PNG image data, 195 x 110, 8-bit/color RGBA, non-interlaced","md5":"75c137f3fc0cab875766fd92d6e43891","sha1":"751c4f641e6d307123e4c0754ef189a86db4459d","sha256":"29e35ef10c69dd7367299dd6c2cb9a6f4a84962a49b959ce3c6d3b378d07b65a","sha512":"c97af6e3b0cde14698e63ad765be095756506f6262c22519ea0235e7e0e9a0b19d7d9fa2388b71bfdda0b3c0fc951b5db5122a6a45b000714ff5f15d359121e3","ssdeep":"96:JkMzeHWPRGXFr/ZuadzhaZqGW0X9HaqoB:+WeHURGs2zhXUS","tlshash":"d6911acd5e4682e1d182685c7636dc18855bfbea3a22a44b5a0ddcf5e82cc0d6c52d86","first_seen":"2026-02-17T05:07:17.467737Z","last_seen":"2026-07-03T02:31:13.543377Z","times_seen":26,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:32.285Z","timestamp":1783045832285,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7840\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 28 Jun 2026 10:09:57 GMT\r\nexpires: Mon, 28 Jun 2027 10:09:57 GMT\r\ncache-control: public, max-age=31536000\r\nage: 404435\r\nlast-modified: Mon, 15 Sep 2025 16:35:17 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":7840,"size_decoded":8652,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7840, version 1.0","md5":"8d91ec1ca2d8b56640a47117e313a3e9","sha1":"a9e9bafe64666f4595051a0e895b47a5fa39e67e","sha256":"78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb","sha512":"bd3a864bd45f39ee83ee79ba4469a156ad8ff3dd33d8aae11e3edd97b29c2ef7f610ac851726041251e34b0108f618a2f945038bf6c0de9a7982e0d643cdfcfb","ssdeep":"192:S5upwnqrBHPLA3J73KAQDPh50uFdXrnpjDS7LjvQnRb:S5ELrBvLA3J76AIPhi+vXwzQnRb","tlshash":"68f19de0200937e4f73d5feee6276b7f2e2edb05e25305aa7556014c69de39310d21a2","first_seen":"2023-04-06T21:42:41Z","last_seen":"2026-07-04T02:03:25.215113Z","times_seen":76441,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":19,"dns":0,"connect":0,"send":0,"wait":36,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggmxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:32.290Z","timestamp":1783045832290,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggmxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15120\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 06:18:29 GMT\r\nexpires: Fri, 02 Jul 2027 06:18:29 GMT\r\ncache-control: public, max-age=31536000\r\nage: 72723\r\nlast-modified: Thu, 04 Sep 2025 17:08:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":15120,"size_decoded":15932,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15120, version 1.0","md5":"6d36d5bdedfabb5bbee2ab6b6ded3416","sha1":"1f62546fa0a051004f4faa3f40a4a8074a2e06ea","sha256":"3911b66d9f2e005a4b989223405d0e5032619c668597ba467cc76a23c8fffcfb","sha512":"21c425a24911d63daee9242105549805d53dbe91d463be1512949245d3c72769bd81b6a5617388776a204a45995a4365fb5dc0abc9b081f6abbb4018f36c2138","ssdeep":"384:BCX/6yjzk4RmmVzZQVIiSeYWsfTZW3xYuiM:BQ/2bm3QVd1YWB3X/","tlshash":"6162c0c2e4149ad6cea76175d373c84196d98ce0bdefa84098e32b414317b24bbdb7b4","first_seen":"2025-06-04T20:22:57.505569Z","last_seen":"2026-07-03T23:01:34.924841Z","times_seen":1771,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":33,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:32.293Z","timestamp":1783045832293,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 02:57:09 GMT\r\nexpires: Fri, 02 Jul 2027 02:57:09 GMT\r\ncache-control: public, max-age=31536000\r\nage: 84803\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":7884,"size_decoded":8695,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-07-04T02:09:36.872611Z","times_seen":368478,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":15,"dns":0,"connect":0,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-v3.smartsuppcdn.com/assets/main-Cbzgowwk.js","fqdn":"widget-v3.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.12","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:39.111Z","timestamp":1783045839111,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1857279285.rsc.cdn77.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 14:34:45 GMT","end":"Wed, 02 Sep 2026 14:34:44 GMT"},"fingerprint":{"sha1":"92:5D:A0:17:13:91:72:7B:B6:8C:6A:7D:A9:55:7F:C8:A9:47:11:99","sha256":"0E:FC:E3:4D:AD:32:B2:11:05:DC:E3:CD:CC:9E:10:DC:C5:2D:9E:1C:D7:C1:9C:00:92:15:43:C5:B7:0B:3A:D6"}}},"request":{"raw":"GET /assets/main-Cbzgowwk.js HTTP/1.1\r\nHost: widget-v3.smartsuppcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 02:30:39 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000, public, immutable\r\netag: W/\"6a39150b-3f9d\"\r\nexpires: Tue, 22 Jun 2027 11:00:05 GMT\r\nlast-modified: Mon, 22 Jun 2026 10:57:15 GMT\r\nx-77-nzt: k2axl3+T+y5/jxBo4HsCHrRuHfSJwWY3BWWRQ11BvZ5LDbP+74DKHcUbvkgr8v4X3cw/9ls\r\nx-77-nzt-ray: e2f754204b82de55cf1e476ab8c0f106\r\nx-77-cache: HIT\r\nx-77-age: 919811\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":16285,"size_decoded":6807,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (15877)","md5":"dfe560aba1935b8b39c27aa71dc58c8d","sha1":"57ca1d5bc344e6094a43b6b4caafad444e974c02","sha256":"0b7bcba63083ad1debda57e3152b6f65644d8a21fc14bb0fc9bb94e1acb10a0b","sha512":"e4af2de0e4e1a7febb2d879c0a4c1509d8c79b2a44bb7b85fbfab163a3176be3e94513d055341b8a3098c1cf50b16bf8518b1ec7cb44292abc29d8f7b68f895a","ssdeep":"384:8+mNMMmMwhaMaew3LtmBp3dUdhdr7NPCuukhP8ZvxklZBCQrdCfs:8+mQMGaMaewZmBByjhPkkhP8RBQrdC0","tlshash":"6d72e7b42310783f312f581d166ce9867336d198e55390199b2eec4e36cacc5adb3bb9","first_seen":"2026-06-22T17:07:54.172262Z","last_seen":"2026-07-04T02:00:27.955667Z","times_seen":411,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/brands/3.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.735Z","timestamp":1783045831735,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/brands/3.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:38 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Nov 2025 10:39:38 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7191\r\ndate: Fri, 03 Jul 2026 02:30:38 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7191,"size_decoded":7456,"mime_type":"image/png","magic":"PNG image data, 222 x 111, 8-bit/color RGBA, non-interlaced","md5":"2ec1c7f77cb2c1d883a49949d3458155","sha1":"304d0bfe07aeb783f6998ef5412f8f82294c857c","sha256":"ddc2b39e2f6648f79d02adceb15a1680118c928332026a446be54b5dff690a95","sha512":"8f896b6fbf851b69206767dbca09651d0ddb40a820ab458c6d847c19159466a659b4efc4f4d19a27486b1e40f0fb79d87ef2e7551f1e52858e34f025b70684b8","ssdeep":"192:M6o4SD7W6m88LiWLCSLHioL0vIggj6yoeuPvRgijhgI6MyO:MQ6B8L7LCW0vo/oeKy6hgWyO","tlshash":"52e18e69bc094c1f9dc790700377185188a94a3ad7d453e3ed3ef4ea348ab14b8dfa52","first_seen":"2026-02-17T05:07:17.482919Z","last_seen":"2026-07-03T02:31:13.546225Z","times_seen":26,"resource_available":false,"data":null}},"time_used":6999,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6999,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/brands/8.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.740Z","timestamp":1783045831740,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/brands/8.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:39 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Nov 2025 10:39:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 10115\r\ndate: Fri, 03 Jul 2026 02:30:39 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10115,"size_decoded":10381,"mime_type":"image/png","magic":"PNG image data, 227 x 208, 8-bit/color RGBA, non-interlaced","md5":"4d29a41c8bb194a715332ce4d09f906e","sha1":"fa689422c72e08afd78e4484968e7452db5bf5f0","sha256":"9c58a3677752aef15a10672b568be441f7db2cd6f4b1fb5286eadd45302b8951","sha512":"f09a46f79e194110babe49a756823a63e8dc2cf2d553d97de29ce6a35fae860a2181c20171618fba1baa05277ad2f6046489e6f03b1343164e656bdc98060ea0","ssdeep":"192:GvQuXLROETAZOekwcQJ3ODl3+DF9I2vA5zseSUFzVPfGqN0CdYrw500LFEoO:GJLHT6YwVeZ6Ilxf31FYc50EGl","tlshash":"c2228e4386e825e9fac4d618f684cd5ff1902e2b44e978c2afcf919ad350bce544e909","first_seen":"2026-02-17T05:07:17.481186Z","last_seen":"2026-07-03T02:31:13.546736Z","times_seen":26,"resource_available":false,"data":null}},"time_used":8104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8102,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:32.283Z","timestamp":1783045832283,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:01 GMT","end":"Mon, 07 Sep 2026 08:41:00 GMT"},"fingerprint":{"sha1":"01:31:A1:A6:4F:08:45:E1:F0:0B:CE:B1:B8:D8:61:D7:D1:70:ED:6F","sha256":"29:C5:5D:01:47:6E:72:F7:2C:CC:0B:96:BB:67:BA:39:CC:03:11:EB:7B:47:F5:3F:CC:DE:12:AC:68:07:A1:BA"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7748\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 02 Jul 2026 03:05:29 GMT\r\nexpires: Fri, 02 Jul 2027 03:05:29 GMT\r\ncache-control: public, max-age=31536000\r\nage: 84303\r\nlast-modified: Mon, 15 Sep 2025 16:36:26 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":7748,"size_decoded":8559,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7748, version 1.0","md5":"a09f2fccfee35b7247b08a1a266f0328","sha1":"0da2d17e738f46d2a09e6fb7969da451719a9820","sha256":"cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446","sha512":"5e3f9a298003b84250ec6801e08ad2a4ff8845d4c3e13ea61bec37da24d26ede13b436257882124cc0c27e9a323ba92e7d23c6ad3f48a7b75535f5ed98813a0e","ssdeep":"96:0g6vAF/FXh6MmoI56TEwosGU/DbVF/QBT1gaHEYT6u/w3hXLbJPAS772+6haAftj:zp6x6TYpoDYBJg8TRkbJPAS/2+CzQa7","tlshash":"f3f19de65d1e5e8980f0102f6f6efce767950d88141dadf9a9e72f884c6ba1b04c90cd","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-07-04T02:09:36.908062Z","times_seen":256119,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":22,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.coingecko.com/api/v3/simple/price?ids=bitcoin,ethereum,solana,ripple,avalanche,shiba-inu,tether,aave\u0026vs_currencies=usd","fqdn":"api.coingecko.com","domain":"coingecko.com","tld":"com"},"ip":{"addr":"104.20.41.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:33.897Z","timestamp":1783045833897,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.coingecko.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Jul 2026 02:57:09 GMT","end":"Tue, 29 Sep 2026 03:57:03 GMT"},"fingerprint":{"sha1":"19:99:67:9D:11:39:3A:C8:0E:5A:EF:3C:33:89:F1:D1:DB:2F:C0:17","sha256":"CE:07:25:BA:C5:43:A4:E2:8B:0A:BE:66:E1:58:27:D9:8E:AB:BE:58:AD:0A:19:3F:44:BF:C6:BE:80:FA:53:85"}}},"request":{"raw":"GET /api/v3/simple/price?ids=bitcoin,ethereum,solana,ripple,avalanche,shiba-inu,tether,aave\u0026vs_currencies=usd HTTP/1.1\r\nHost: api.coingecko.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Fri, 03 Jul 2026 02:30:34 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS\r\naccess-control-expose-headers: link, per-page, total\r\naccess-control-max-age: 7200\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-data-source: 1.0\r\ncache-control: max-age=30, public, must-revalidate, s-maxage=60\r\naccess-control-request-method: *\r\naccess-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization\r\nvary: Accept-Encoding, Origin\r\ncontent-encoding: gzip\r\netag: W/\"ab1ff7a6dab3baa70e73397680b129c7\"\r\nx-request-id: c43b7a9b-a3ad-4c5b-87c4-4292c48dad37\r\nx-runtime: 0.003852\r\ncontent-security-policy-report-only: script-src https://accounts.google.com/gsi/client; frame-src https://accounts.google.com/gsi/; connect-src https://accounts.google.com/gsi/;\r\nstrict-transport-security: max-age=600\r\ncf-cache-status: EXPIRED\r\npriority: u=4,i=?0\r\ncf-ray: a152780e0cdd56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173,"size_decoded":1344,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b379611e1121eda75a8d532f3b9d0a0e","sha1":"5ac008ef45747d727b07aca590b0c65b6a66eb85","sha256":"a926e1cd5665f4f92f324630e234a1ebdb4f36b0332ff479cfc4cce97c9d9c9d","sha512":"612fb204ce911336aac84c9c8d340bfde89dd2ed258282faa951fd243557ddb594ca6b603b47753177b3b8cbe8f0b9a8135a8203b68107c889db6fcae064c874","ssdeep":"","tlshash":"6fc08c8820b558bb0a3a4bb21e093b20e64b63b8004c030805ccfa172cdf2df06080e8","first_seen":"2026-07-03T02:31:13.562554Z","last_seen":"2026-07-03T02:31:13.562554Z","times_seen":1,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":3,"connect":16,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget-v3.smartsuppcdn.com/manifest.json","fqdn":"widget-v3.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.12","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:35.785Z","timestamp":1783045835785,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1857279285.rsc.cdn77.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 14:34:45 GMT","end":"Wed, 02 Sep 2026 14:34:44 GMT"},"fingerprint":{"sha1":"92:5D:A0:17:13:91:72:7B:B6:8C:6A:7D:A9:55:7F:C8:A9:47:11:99","sha256":"0E:FC:E3:4D:AD:32:B2:11:05:DC:E3:CD:CC:9E:10:DC:C5:2D:9E:1C:D7:C1:9C:00:92:15:43:C5:B7:0B:3A:D6"}}},"request":{"raw":"GET /manifest.json HTTP/1.1\r\nHost: widget-v3.smartsuppcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nContent-Type: text/plain\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 02:30:39 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: *\r\ncache-control: max-age=300, public, s-maxage=60\r\netag: W/\"6a39150b-891\"\r\nexpires: Mon, 22 Jun 2026 11:05:05 GMT\r\nlast-modified: Mon, 22 Jun 2026 10:57:15 GMT\r\nx-77-nzt: k7Zwy4qQ5dAwDw7gyba6IVv8NIPZOOcby5lyh/MSCHS87KEnioUictEzCy8v1FFVHS1lpAg\r\nx-77-nzt-ray: e2f754204b82de55cf1e476ab9a03b05\r\nx-77-cache: HIT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-77-age: 15\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":2193,"size_decoded":1034,"mime_type":"application/json","magic":"JSON text data","md5":"326e8bab008c1dbcf74f1d071d74b532","sha1":"38ef7ed5782ba7454bfd5ee59348283bf9a25f27","sha256":"15f5a980d7931c3d3c63d03733ab468c0352e210185294cfca411f903eabdbdc","sha512":"8293bb58ae378beec93e7ff6e7b12a37444d5243382ea06ad969b80d32c1fc317f987579f966a9ec01ab73df4054ac2f9448a342b4881bf071e2cf53880a258e","ssdeep":"","tlshash":"31417987c4f80e531b8c6227b89045515d90c3c7d88a3e0d72ad9a7f2f4cdaa20d6b7c","first_seen":"2026-06-22T17:07:54.215405Z","last_seen":"2026-07-04T02:00:27.975189Z","times_seen":394,"resource_available":false,"data":null}},"time_used":3306,"timings":{"blocked":-1,"dns":33,"connect":8,"send":0,"wait":8,"receive":0,"ssl":3257},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.708Z","timestamp":1783045831708,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 10158\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Mon, 04 May 2020 16:04:00 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 17674\r\nexpires: Wed, 23 Jun 2027 02:30:31 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b%2Bo3O2KWmz18CdGzbdWURTAHWPUuMeCAd1DrTkAq4XoPe7dKo5CDHQGKj48RToPXgPRMvhmAposRvoxVTSn4dkK0cadOf1duRjXEGo85F6WmSzk0pUezjLunyX1SlfjCoEEqdWzb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\ncf-ray: a15278003ed9b503-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44342,"size_decoded":11186,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (31997)","md5":"f416f9031fef25ae25ba9756e3eb6978","sha1":"e2a600e433df72b4cfde93d7880e3114917a3cbe","sha256":"a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d","sha512":"6cfb3b01eea956f84e4a221cc940a547bfead8e02c462a2fc38bc0917fb325bc374a101e7aa7b3ab9d11208708511abb39adb4ad6da7daaf9fc9704d714f65af","ssdeep":"768:UCI7dmuMFAAJG4dlQKNORpnXGAtep2lcwJeL+wr2RSGc7UuHjRUQuFBt33:PITMFC4dbMVRSGcgRDV","tlshash":"e7137346b3202d2a869b61a0663f160bb23a241ce414547d7d79e6de6d7dc8c213ffbc","first_seen":"2023-03-07T01:02:37Z","last_seen":"2026-07-04T02:08:19.356463Z","times_seen":62550,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.710Z","timestamp":1783045831710,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/alpinejs@3.x.x/dist/cdn.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 17156\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 3.15.12\r\nx-jsd-version-type: version\r\netag: W/\"b50a-ffPyh/dpwgXxOS3jUyUX1gLNGBA\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230160-FRA, cache-ber1080029-BER\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 37757\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iBKsHGq%2F1VW7DApvP8GUIHvwLp4PmeCVaqVd015cfZ%2BJuRe8bK0ry8cD5Vz%2BLBksYNxRJCXWVVrvmbzDEI3ezK1lSstRriyptB0f90%2B3NSqAL9Ts1yIa8QMt4OE6Dex0I%2FY%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a152780049142efa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46346,"size_decoded":18286,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (40766)","md5":"422c7d8cfa8b78375cc7a767d2ae5ca6","sha1":"7df3f287f769c205f1392de3532517d602cd1810","sha256":"57b37d7cae9a27d965fdae4adcc844245dfdc407e655aee85dcfff3a08036a3f","sha512":"0a30f697aff3d0fd675001e5fbf9724ba3705766e9da28de966d84aaa8394ee18cf3f49cf5688d12d51f2a6fc073b3a9a578ed8666404c53399e7abb3b210f61","ssdeep":"768:DBCz6escmy5dIOT2C3KBdoqCHL6POK/5IKXqLWoOAUORrST5GUGz++u3hBpShpJ0:FCueivEqCr6POQDXmWomUtzMBpShpJyn","tlshash":"c023f9e97396b13283ef01b190bb424af33d2994150e5464f669d8ee383948d51f3fba","first_seen":"2026-04-30T23:22:33.584041Z","last_seen":"2026-07-03T22:54:30.906823Z","times_seen":1561,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":2,"connect":1,"send":0,"wait":7,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/man-shades.webp","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.726Z","timestamp":1783045831726,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/man-shades.webp HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:31 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 15 Nov 2025 10:39:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 196912\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":196912,"size_decoded":197180,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"232e0ccb229729fafeb9c2d27e8ea721","sha1":"a513e28f672acd3539ff88d18b61b0b89584beba","sha256":"c0da3e7c84f288a580f448db2b7e5fffdd00ceb86bbf4aca834839d2666a6dff","sha512":"f8de2a1630ac177bd16da42982d8155a0544502d9ef380541d34fd1e8243e98b450fda4b64f9b1c493c9331a34992e657de4a12f06c1ed2c29cceba066b718f1","ssdeep":"6144:LjnQl74c2QpoOQzTF6DFEXtM4gg3E8fsOCI/8F:LzQtpot9lx3E8m","tlshash":"a41423208d6b9872dfb1a73ac05978da6374f5fa9655b92bc0cd038f81f5d86122f063","first_seen":"2025-03-09T08:12:08.884852Z","last_seen":"2026-07-03T02:31:13.565088Z","times_seen":24,"resource_available":false,"data":null}},"time_used":568,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":445,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/brands/9.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.741Z","timestamp":1783045831741,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/brands/9.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:39 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Nov 2025 10:39:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5159\r\ndate: Fri, 03 Jul 2026 02:30:39 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5159,"size_decoded":5424,"mime_type":"image/png","magic":"PNG image data, 220 x 208, 8-bit/color RGBA, non-interlaced","md5":"26a75fa1561193cee11f43e39d855e91","sha1":"7a4dc5c651443e37cbb96cc41ad1c82e0c633d80","sha256":"8271cacd9d2aa279518f5ce3d71f8eb546bae617c1dd082bb544f9c3a2d25cb0","sha512":"376c12633d7b517b07bcf51295a93a8f888d92cced6068e90995181053584b6a82f7e41a7ab1cab977e268fd5e31ccedd59ad83a0386d1b66de280e583ff5259","ssdeep":"96:ci7nCcRtfMbQjmTiEJ06KwQt8v7PhX0a/eS4J9ktYw9FocoxcCzL5:JBdLqTiEewQts5kKtdWcoxcCz9","tlshash":"36b13cbb92a4444978b127750791eca14c6f0efd331d9f9bb25bae9c3c88058d6b94c4","first_seen":"2026-02-17T05:07:17.472081Z","last_seen":"2026-07-03T02:31:13.566155Z","times_seen":26,"resource_available":false,"data":null}},"time_used":8103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8101,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget-v3.smartsuppcdn.com/assets/shared-FggoWQFN.js","fqdn":"widget-v3.smartsuppcdn.com","domain":"smartsuppcdn.com","tld":"com"},"ip":{"addr":"185.76.9.12","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:39.112Z","timestamp":1783045839112,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1857279285.rsc.cdn77.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 14:34:45 GMT","end":"Wed, 02 Sep 2026 14:34:44 GMT"},"fingerprint":{"sha1":"92:5D:A0:17:13:91:72:7B:B6:8C:6A:7D:A9:55:7F:C8:A9:47:11:99","sha256":"0E:FC:E3:4D:AD:32:B2:11:05:DC:E3:CD:CC:9E:10:DC:C5:2D:9E:1C:D7:C1:9C:00:92:15:43:C5:B7:0B:3A:D6"}}},"request":{"raw":"GET /assets/shared-FggoWQFN.js HTTP/1.1\r\nHost: widget-v3.smartsuppcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: https://qtradedirectinvestment.com\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Fri, 03 Jul 2026 02:30:39 GMT\r\ncontent-type: application/javascript\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000, public, immutable\r\netag: W/\"6a39150b-42684\"\r\nexpires: Tue, 22 Jun 2027 11:00:05 GMT\r\nlast-modified: Mon, 22 Jun 2026 10:57:15 GMT\r\nx-77-nzt: k+VHpGZF5BzQ5h+MCwvc8+AXgP9WDGVkMb9WswROuBH7xmw9fNN3bJ6OGhWvbbgR/VBvLaQ\r\nx-77-nzt-ray: e2f754204b82de55cf1e476aa8f90a07\r\nx-77-cache: HIT\r\nx-77-age: 919811\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":272004,"size_decoded":92555,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (44711)","md5":"d3b9ca5f9f3b05da0401449cc4db4f1a","sha1":"1aa8e99f1cfe2d6776fbae7ef2fde26b2b18db70","sha256":"da0316ae7fe87925382357385427467ab57c40fd0d8659988ebc9545bc3f1fe4","sha512":"4e972657231b7b56ec4f852a2a6e5d11bde9b12cf6a55a723095f48c0030dd66693b08b9b0a4a6f42699f80ee04604a2e0310d59e4dae291d29281028adc5110","ssdeep":"3072:7dkD8hG1K3qO0L+YIjJI4JvGuzJmiJvGIJ4zXwvzSiGrKt3z+F00x61GfNVsIcuR:k8hlqO0LQ7hjPGrKt3kfHsIcuwtkqnQ1","tlshash":"26443ad53294b03543db51e6906f1106f33e5c19580d812cf269ede678baec8a2b7fb8","first_seen":"2026-06-22T17:07:54.09355Z","last_seen":"2026-07-04T02:00:28.003585Z","times_seen":399,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/brands/5.png","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.737Z","timestamp":1783045831737,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/brands/5.png HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:39 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 15 Nov 2025 10:39:40 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5122\r\ndate: Fri, 03 Jul 2026 02:30:39 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5122,"size_decoded":5387,"mime_type":"image/png","magic":"PNG image data, 204 x 162, 8-bit/color RGBA, non-interlaced","md5":"2d09335e1a594cde8ec118a50f3eed81","sha1":"94bf1db1e081d7a851f20301ef3ea251519e8c72","sha256":"3aef13c75bd3d4c0c72545f4f8bbf6a399c3dfd9fe5bf332a86800cadde5387d","sha512":"01246fce220de690d249e721643a2470108014aab7a16129daec9f353d8cb8b4faa25a739a7ccc8d98d7cff49921756541021f57f3bcc0d6527265117d3394b1","ssdeep":"96:6cPFFFFFFFNTWownjtmOacqRG2yXkunv6d+bP2jTLBHymaHyifEbsefFFFFFFr:tyostVqczk2yd+bePlHtaSiqsej","tlshash":"32b14cd9add5a864c6a93b1301d710c4e5c8333aaa00947d3b486cbd2ebd56276dc0ba","first_seen":"2026-02-17T05:07:17.466862Z","last_seen":"2026-07-03T02:31:13.525664Z","times_seen":26,"resource_available":false,"data":null}},"time_used":8059,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8059,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Manrope:wght@200..800\u0026family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.696Z","timestamp":1783045831696,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:02 GMT","end":"Mon, 07 Sep 2026 08:41:01 GMT"},"fingerprint":{"sha1":"FD:DA:E1:3E:1F:AC:E0:96:14:ED:37:58:30:0F:ED:9D:B4:5E:F1:EF","sha256":"7D:36:0C:A4:14:F6:05:8D:F4:E1:CD:BF:84:A7:03:AD:3F:C4:93:AE:B3:D6:7E:99:CB:92:D7:1F:29:A1:49:A4"}}},"request":{"raw":"GET /css2?family=Manrope:wght@200..800\u0026family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 03 Jul 2026 02:30:31 GMT\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23827,"size_decoded":1870,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"8b3a6735fc25cd6350415b6e5057296f","sha1":"d6aaf5f0c42b34e0983a1a0a511caef428fd0916","sha256":"5c17864b1670e9a8dd608921ec25af12fe8656495392e082c0d95e6f7fb8ebe2","sha512":"8de0121a78e61cc63ae2d839b2f437a54ed9086f018caec373491797d328a355c5b46152431cccd33272ab4f6bf8dc18d3b664b936e6aaadee2c6bbd0e49a359","ssdeep":"384:j8f3w3s3VR9xqWSUq+DnLami0A0BNBOi/mkX:uEA3mkX","tlshash":"44b28991087be114ab871cc123cf7d36ee0ea154b850d978abfd0cd8ad9bc665361b2d","first_seen":"2025-12-03T19:10:57.533757Z","last_seen":"2026-07-03T02:31:13.567187Z","times_seen":36,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":15,"send":0,"wait":34,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/assets-blob-2.svg","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.724Z","timestamp":1783045831724,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/assets-blob-2.svg HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:31 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sat, 15 Nov 2025 10:39:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 587\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1175,"size_decoded":900,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"672019896cc7f61a0d2af7d937259b0e","sha1":"52840284f8123bf6f9303780e9080b052f9abcf3","sha256":"7be2c87d5ec15d6ce593264a01ab7a8c91c52809c3447fd9c078288202e16fb9","sha512":"d1cb8da99e473995582eebc8655dc3e45d89d0d41ffcc289cc63a5e14c6c083656015b70e6f29b9f877ebf99e7ff421dddaaa2659d054f2f400b840c907edcff","ssdeep":"","tlshash":"a72142ecc3fee406b929c1b9ff85c962792850c7c1414a45f06deb8e2706c52ac1f2ac","first_seen":"2025-07-12T14:41:03.029652Z","last_seen":"2026-07-03T02:31:13.568124Z","times_seen":27,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qtradedirectinvestment.com/temp/assets/images/not.webp","fqdn":"qtradedirectinvestment.com","domain":"qtradedirectinvestment.com","tld":"com"},"ip":{"addr":"198.251.84.200","port":443,"asn":53667,"as":"PONYNET","country":"Luxembourg","country_code":"LU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qtradedirectinvestment.com/","date":"2026-07-03T02:30:31.727Z","timestamp":1783045831727,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.qtradedirectinvestment.com","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Wed, 24 Jun 2026 09:10:59 GMT","end":"Tue, 22 Sep 2026 09:10:58 GMT"},"fingerprint":{"sha1":"F9:23:27:80:9A:49:5C:A7:F0:8C:82:37:00:C8:10:FC:99:3D:F4:9A","sha256":"F6:7C:2A:14:BA:51:F7:ED:CD:D7:E9:62:50:D1:7C:2B:AA:FA:74:D5:1D:63:98:1D:77:F4:D1:32:85:10:F1:2D"}}},"request":{"raw":"GET /temp/assets/images/not.webp HTTP/1.1\r\nHost: qtradedirectinvestment.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://qtradedirectinvestment.com/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6InZVT1VlVXV0OHA1cmJuZVRqbGZzamc9PSIsInZhbHVlIjoia0o5T25sMzlzdHAwWUIzVDRTbnBvRGVLWkRNb3dLU2w2dFNnNkd0UWpabUNQaDB3SlFUcHBPU2ZXNit1dUVnUzhvUUU4YWJnbytDY1FWYVBWY3pWV0I0TUE2NTVack04RlFNZ3pHYS8rM1U2N2lVWjcrV1FzOHJudk9maXprOTUiLCJtYWMiOiJlMTg1ODA1ZTI5N2NkZGUzMDNiODY1ODNjNjBjNjViMmI5YmRjYjgzNWVhNGMxZWQzNjNmMmVkODZhNWMxYjczIiwidGFnIjoiIn0%3D; qtradedirect_investment_crypto_stock_session=eyJpdiI6Im51Z2R6QlRkRjNkVUg3N3RvdFBDTlE9PSIsInZhbHVlIjoiZHhmWEZtT3Branc4Sm9SUE9TaUk0SUhJZjRwNjcrcmwzanV5Z01aVG1pUW52Z1pjVVdUekRuOFRVZjc0clMyS1huL0FFcklSRE9nUldCUk9nYVBjSFVhTmNNNE5lSXR2MGtQSEp2RTE3ajM4QzlVL1N3T3YzYUF0VVVPaG9LaG4iLCJtYWMiOiJkNDQwYzE4NTM5ZjUxMmQ0YmRhOTVlNWE5NDFhMGU3M2ZiZWQ0YzAxMzU5YjliZjFiMmFmMDlkODdkMWY3NTc4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: public, max-age=604800\r\nexpires: Fri, 10 Jul 2026 02:30:31 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 15 Nov 2025 10:39:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 60944\r\ndate: Fri, 03 Jul 2026 02:30:31 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":60944,"size_decoded":61211,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"dfa32cd41f776a774da4d19c8ff71582","sha1":"1bd8a6fee3b0baabf2ac2abb3312cbaa07cd5579","sha256":"f2ab718269bdb5b18a08f3c5823b64888faefab97a76d28a24994d9c3e32da03","sha512":"881f42a50bb22c298e855cd7ef6821ec339f56d798ea42c0266f32cc2ba707d87bdbecc2a6356d8c2a97f1cab8a2eec22147aa046694289eb5ba16020635407e","ssdeep":"1536:UhS74/jxQFco1GPryEyfzosqOWbDDJ/9ubtQB:UhS09e/cyEycRzJVItQB","tlshash":"815301191e4bd71ef557b7bb80c3a626584b0f1b42150877889332877a5bb7f77981c0","first_seen":"2025-03-09T08:12:08.8556Z","last_seen":"2026-07-03T02:31:13.569126Z","times_seen":28,"resource_available":false,"data":null}},"time_used":593,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":593,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-03","alert":"Sinkholed","trigger":"qtradedirectinvestment.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}
