firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 05:05:44 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 19sMjMpD-x5F8Ut05d7lmDRJNvn97fN3tSp03sP0NiJp2z-qJf17rQ==
Age: 1593
q-sec.in/
192.185.24.224 301 Moved Permanently 0 B IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
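Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body; they match any empty response and are not usable as content indicators for this host.)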
Analyzer Verdict Alert
fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Sep 2022 05:32:17 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-Redirect-By: WordPress
Location: https://q-sec.in/
Cache-Control: max-age=300
Expires: Fri, 23 Sep 2022 05:37:12 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: HIT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9196
Expires: Fri, 23 Sep 2022 08:05:33 GMT
Date: Fri, 23 Sep 2022 05:32:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jj8ZDu2HKfD_B_2m-Ql8qYaoqMx7555l0PDrSt0hRFSHZjn41l2_BQ==
age: 3423
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Sep 2022 05:32:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f52693f33ca10193477dc6153fe85008
5d25688ebf9650740a9fd69b0f36fef4d5754db9
94564877996b94f71a81fbb8d67571a00be23ca14594682c12683af298e9a01e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94564877996B94F71A81FBB8D67571A00BE23CA14594682C12683AF298E9A01E"
Last-Modified: Fri, 23 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 23 Sep 2022 11:32:18 GMT
Date: Fri, 23 Sep 2022 05:32:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 05:03:22 GMT
Expires: Fri, 23 Sep 2022 05:16:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fP0bCKp7Pk_y2lOlthqPvQpYjquaOt0JeMPL26WyHNyLfYd2nu3Wnw==
Age: 1736
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 86624f45fb3b7126dbe002f69c94dd86
30bcf274db5037122f989fb25dbf1e72c9ec417b
2cc9600578cf057dc499835773fb495caa60ac154c4945f0fc1f2b31d43f5502
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6263
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:32:18 GMT
Last-Modified: Fri, 23 Sep 2022 03:47:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.160.31 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.160.31:0
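Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of the 101 response; they carry no information about the WebSocket traffic that follows the upgrade.)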
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: F//6H0bo6bJoZrgvfHEgJQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g1TsbkmVtAKfysT5ehgR64edB9I=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12601
Expires: Fri, 23 Sep 2022 09:02:21 GMT
Date: Fri, 23 Sep 2022 05:32:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12601
Expires: Fri, 23 Sep 2022 09:02:21 GMT
Date: Fri, 23 Sep 2022 05:32:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e125802119a2737820b343c4e9ecfb6
30ccc2dd2597b5b720d66c960ee8bd63c7115630
90cce372b2b8c89569fffc55de468bfc7cd4b7454ae7c55c48b7a846506b576e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0908c18b-cd0b-41cc-beb5-0347df28884c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11059
x-amzn-requestid: 65fe1c05-a158-4ac2-8368-f26da119ef68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcDTgGV4oAMF0iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217f49-74fc5c511bee36fd11d6d2eb;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:14:17 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ArtxwEnLiPvfdnNGum0ZbXPBv8Xd6lR2-vWnBj7MnOIq4q3r6rswWQ==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:51 GMT
age: 26429
etag: "30ccc2dd2597b5b720d66c960ee8bd63c7115630"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948809a9-98f3-49af-9568-833cc0cfb149.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948809a9-98f3-49af-9568-833cc0cfb149.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2644bb64610b60b23b7dff21736f7b4d
e95d1909750d36a9e426c170778985310cbfc4e4
e668fe1815310914cee8c5853fbcb3d0e48f6f0f8c2d07f7463e627f97153212
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F948809a9-98f3-49af-9568-833cc0cfb149.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5533
x-amzn-requestid: af64386b-45ae-47bb-a6fd-f80e306495df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCkMGVEIAMFfhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e1a-7e417f28422324ed2ddc85da;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fyCuR7eISu5Of0AcZBH5FOtHKRe-Nepnt52kqZtQm0tj1L7lAtGc8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 03:45:46 GMT
age: 6394
etag: "e95d1909750d36a9e426c170778985310cbfc4e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 948abf9bedd1bd67010284080ba06d01
dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b
236639cc2279c6f269dd521796a087a40b43b252cb55faf3e4214cbdc8369a62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56c6b5fd-d351-45b8-9f62-d5052869881a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 308978c4-679f-4bb6-bfd7-a81dc00ec3db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YoKcMG-kIAMFZKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63265781-03f94c0a385ed28408de81c8;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 23:25:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9fh_DJXLHRaerYmgTGoVX3LRsMIgzf46bn48yzXp8Xdp8WippJExcg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 11:05:21 GMT
age: 66419
etag: "dd94d525ad264856a0fdcb7a4b1faa2d68c3f68b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg
34.120.237.76 200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b577444b5b0cf15747fe28a9d7f22d53
e6097275af3204124c48aa0d876eba0d18b26e7e
0f57e130b23b87fa4e1f9c2a2beff54f1ca73d87a244442558209e378befef11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8822718-7784-42f7-9be3-17d81593a755.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4999
x-amzn-requestid: 6f7b073e-f199-4bfa-8f9c-6688dbfba15a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn7p7GyRIAMF1EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263fd8-566d8b3c1c25e3fa36259812;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:44:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: n4w6--Eta_zedQ8EOarLoCGZavQpadMCZnXlhGmQf4vgHZxyBKtRgw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:51 GMT
age: 26429
etag: "e6097275af3204124c48aa0d876eba0d18b26e7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62dd28d6-72d9-4f9c-8eb7-cc97b6279d6b.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62dd28d6-72d9-4f9c-8eb7-cc97b6279d6b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3056431736af42cc145a77dbc77c45a7
977068c1cfdf8dfb64cbe8fb8d917ebc8e3e970e
d299e38c678f4c4548cd2e7cf7ff1b07910b316bfc8b13c492b4fbee0a66b079
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62dd28d6-72d9-4f9c-8eb7-cc97b6279d6b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9892
x-amzn-requestid: f1d435d6-ed01-46b6-8f36-615f07f8cac0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VpWGamoAMFppA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfd5-2c3726b022bd389a156532c4;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ycp3xxTZqMDmPjKujrcqGRnuF0lKBH_avDsVSVASv_mU4tTkEfqoYw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:26:02 GMT
age: 3978
etag: "977068c1cfdf8dfb64cbe8fb8d917ebc8e3e970e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ff021fa15adb0d3a24158bc00cf0980a
265d3e98bcbf5f14f214102279a7911d6fd64048
211d709fb1851a62f856a78e3b115ef816f78ab9a28f870d48fa3d1912eac16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ec986e3-2bce-4ded-85eb-e88df9893a30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6505
x-amzn-requestid: bc9cc556-8897-4484-ac07-f18e4f5250ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YvrfiFl4oAMF_Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63295930-7a627b7d7683919e41ca599b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 06:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UNlx91pOuttpN-IrQs_g-PRI8C_NmZDKdnOpfayCJ719fa6FwnOIGg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:51 GMT
age: 26429
etag: "265d3e98bcbf5f14f214102279a7911d6fd64048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-DBC7NJEVV7
142.250.74.72 200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-DBC7NJEVV7
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash 35791965a29eb77ddf82eabaa4856a2b
bd50073336342f5109e8f122bde9b478e595500e
58d044a3114f7e8dda9cafce2ccb151f97b17a002787e1cee6d2fcb9d3d84409
GET /gtag/js?id=G-DBC7NJEVV7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 05:32:20 GMT
expires: Fri, 23 Sep 2022 05:32:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75075
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.9.1
192.185.24.224 200 OK 1.7 kB URL HTTP/2 q-sec.in/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.9.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5305), with no line terminators
Hash 0332c949167f256eaeb32063c28950ae
55d38da2c11e1b193de19a9fa3a6a275a4accdfe
1c1dcbb08352422a98b8dd9632753b904e9040eea0a538dc2d169935e7fa5fb3
Analyzer Verdict Alert
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=5.9.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 23:25:06 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1723
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
192.185.24.224 200 OK 15 kB URL HTTP/2 q-sec.in/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash 6ebc7a4d773cb1f29a93f605933fba76
b113ca39afc5fd44cbc06dca58945bb5e9fb771e
7a12133f8cb48c1b5b4631ee9e9a0eebe36bbf2bbe1eb792b0f9fc630c18bd76
Analyzer Verdict Alert
fortinet Malware
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 14560
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b9893dbb93b5cc3cb8637b496ecd3c1c
007b31caa727ce627f6ba81a3f43326a1538181e
b82608484e9e9dbf009de73986da468fff9833e5d040016b3214b8774ba9f500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 375756444a8871bbe816165e294fb262
2f9e18473daa3daae633a4df448a2230e77f8c33
c2e94c3082cb76fad8f5ace3c686f46d43c807b7f2d3cb9f2b4d9965b91af4c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:32:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
q-sec.in/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.1
192.185.24.224 409 Conflict 83 B URL HTTP/2 q-sec.in/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.5.6
192.185.24.224 200 OK 5.2 kB URL HTTP/2 q-sec.in/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.5.6
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18488)
Hash 0ffe1cf14ab1926eadb5ae8fffd55ee7
24e8d6045710d7556617333bb3223edaa5199eb1
c16440f1141745ac47980b0037d9b536c081b3d6c79f9a6376d5ad71a204da99
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.5.6 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:03:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5157
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.3
192.185.24.224 200 OK 1.6 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13766)
Hash 45e20e40be9985874d571a0fe7f52d73
beb4cf5c867312a85a7b4b1fc60208bc378adfb8
7b8c2d9547f245f1b47a81ab2eb53d24cd421fbb3963da10702cefa7bd848ad8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1608
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
192.185.24.224 200 OK 4.0 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19082)
Hash 1a51c193793d105fc6aaddfc3bc05349
238e509973276daa145be273af1aba0fbb3801bf
69e8578f795564941f826ab314ab57c83da7fb6ca7d9221c8df5f1e9081ae6e3
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3978
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
192.185.24.224 200 OK 3.2 kB URL HTTP/2 q-sec.in/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11256), with no line terminators
Hash 1054d0d53548e8bae51665b11acc6413
2eea6a05fe18db61fff58c431d34a86b3e0b7ade
cb8b0f0f3f871d9776da32ee6d9e1af9277a211be61e97a831c7f8c98fbebfae
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3239
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/elementor/css/post-59.css?ver=1634797122
192.185.24.224 200 OK 429 B URL HTTP/2 q-sec.in/wp-content/uploads/elementor/css/post-59.css?ver=1634797122
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1199), with no line terminators
Hash fd42633a7f23cec14dc06af8870a9cb2
da2cf763bb42c04112f61088c379e12e7b7c3eb7
c1133b21f8826d62ea773eefa4dcd688df9b1f23d6c2bf7ab92919fbc976cf31
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-59.css?ver=1634797122 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Oct 2021 06:18:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 429
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/css/other/elementor.css?ver=5.4.15
192.185.24.224 200 OK 231 B URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/css/other/elementor.css?ver=5.4.15
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 9caee1f365c4a4f583f4736e2edf931a
e0d1684d37cb272b5a9ed756dabf70150793ecc6
f323ee379be7ddc9489df88638e12a50c17be09cd8f604445722cc9374a324cf
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/phlox-pro/css/other/elementor.css?ver=5.4.15 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 231
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.5
192.185.24.224 200 OK 1.3 kB URL HTTP/2 q-sec.in/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4186), with no line terminators
Hash 91bab39b98d7e5c1632717b9ebe349e4
e639a447d06fc7827be5b5b35d603ff16b5f7bb1
47ff151faeb23a5654f6ec58b404e51193f6714849a69de241c2ee79662f74c6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1298
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.6.3
192.185.24.224 200 OK 13 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (59158)
Hash e6b67e11736ae36a062b381717f2ea9f
a663a79bc8d42aa58bfea1351cc27e0d0b09c9b2
a07a94d36246d0b3e5b9b18e274e31995d0e23cda955babf5e350e91a879523d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12862
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/auxin-elements/admin/assets/css/elementor-widgets.css?ver=5.8.5
192.185.24.224 200 OK 108 B URL HTTP/2 q-sec.in/wp-content/plugins/auxin-elements/admin/assets/css/elementor-widgets.css?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 1a1360d25e17078f0b275a0dcb28ac83
94981c58abb8cd738a8341783214f6d70901e38f
053002344403da64413de62dcb2a9acbd3d53463281348d8dffb88b68d34c864
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/auxin-elements/admin/assets/css/elementor-widgets.css?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 19 Sep 2021 11:31:18 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 108
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/wpt-whatsapp/assets/css/public.css?ver=5.8.5
192.185.24.224 200 OK 2.5 kB URL HTTP/2 q-sec.in/wp-content/plugins/wpt-whatsapp/assets/css/public.css?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 5c75b3a775c00208e18a2ef2711f889a
2540787c76e64a565cce898e5b27d2c267fe0522
33ebc4b0b82867e168ce8a171b0ce8075ac9d1e18b3c6951376d7282f84adaa1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/wpt-whatsapp/assets/css/public.css?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 12:07:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2529
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
192.185.24.224 200 OK 308 B URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (489)
Hash 0a08469d24387f830bbaaa00b3c228ae
01f5dfeb8f93a32c9a8f66fe5940758109771fcd
3c7c29e5fc1193ff7ce24f72f77b2dc129e1a9434a97ef7b625f6f715531803c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 308
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/elementor/css/post-1621.css?ver=1634797544
192.185.24.224 200 OK 1.1 kB URL HTTP/2 q-sec.in/wp-content/uploads/elementor/css/post-1621.css?ver=1634797544
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5530), with no line terminators
Hash db979c89a0825839bfb6d720017e93aa
5724152c44a94b9f55161ab2fc4ab85426411b8c
1951a746a96920d4743240e4ed775e13f3948af5666fdf5fd9e2e4867a66b70a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-1621.css?ver=1634797544 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Oct 2021 06:25:44 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1054
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
192.185.24.224 200 OK 309 B URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 0ea43e394ddaae5fdb710dbbc8869e58
3b0c93adc80720236096201db5cc2751e703996d
85225fffa21a94bfd954393d7471069ab227b98fd8b51cb5ab4af5488168a34e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 309
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/css/portfolio.css?ver=2.2.2
192.185.24.224 200 OK 4.5 kB URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/css/portfolio.css?ver=2.2.2
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text, with very long lines (851)
Hash 915219410f1f59b4afa510429a802481
c17352e4813a5c85c07255132a0b97a7ce81e5f6
0fddd4163b0a2a79cc9ee68fd83b0c316ac40d33ac8d7179a537de4026901405
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/phlox-pro/css/portfolio.css?ver=2.2.2 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4500
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.3
192.185.24.224 200 OK 4.4 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26516)
Hash fdd462f58aee3f9349eabdefb5ca0b57
bb6e017d5537630516ccb98952593690a8c69864
ca51806fcedbe90dd613c4c28673af8693381806a5cb3b43dce2ea4f43e8b314
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4436
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/ep-advanced-heading.css?ver=5.11.1
192.185.24.224 200 OK 755 B URL HTTP/2 q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/ep-advanced-heading.css?ver=5.11.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3174), with no line terminators
Hash 72d40ed27df10ec2f1b501cf577a073e
fa72361a668696004fc275777f1abb9cca765ba9
3d8365c924240f777f1a9f6e3b117fb17f7803ab966aad128b2984d9fb7d0291
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bdthemes-element-pack/assets/css/ep-advanced-heading.css?ver=5.11.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:02:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 755
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/imagesloaded.min.js?ver=4.1.4
192.185.24.224 200 OK 2.1 kB URL HTTP/2 q-sec.in/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2103
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/wpt-whatsapp/assets/css/auto-generated-wptwa.css?ver=5.8.5
192.185.24.224 200 OK 348 B URL HTTP/2 q-sec.in/wp-content/plugins/wpt-whatsapp/assets/css/auto-generated-wptwa.css?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 58ada7295ce5a4af239076622f37887a
77de4661e5db1ff38d9c2a5413d9899e1ebdfc0f
14c7b05f2c47a132345dc83e7e8d757e7a66dee3df52b0344522d25ed9fefa9f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wpt-whatsapp/assets/css/auto-generated-wptwa.css?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 12:08:59 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 348
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5
192.185.24.224 200 OK 5.2 kB URL HTTP/2 q-sec.in/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15224)
Hash 00af0ddf324f69fcb25f0d2e5d08910a
df0379ab0e1b2902957c8aba77f89d88e1239b59
f0a06ed3b8d3917b358def04d87668001cd1c6da31a5cb4bb452313feb64a2a7
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5243
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/js/solo/modernizr-custom.min.js?ver=5.4.15
192.185.24.224 200 OK 7.4 kB URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/js/solo/modernizr-custom.min.js?ver=5.4.15
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (19371), with no line terminators
Hash 2f146ca91524a99f47523ab2b4a539f6
f7baf9c05ce55a8e961904bfe676ffca22054720
d0dcc9ea8e58b26688d4114507ef786e6eeb85b3609dcea41ba8dd85cae17f18
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/phlox-pro/js/solo/modernizr-custom.min.js?ver=5.4.15 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7380
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/phlox-pro/custom.css?ver=5.1
192.185.24.224 200 OK 1.8 kB URL HTTP/2 q-sec.in/wp-content/uploads/phlox-pro/custom.css?ver=5.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 95dd74f7ffed69ae9fe1f55d498762d5
4968839e720990e1b285e8a425cc69d11b23b236
cb6feb2f1b2c110afb3373fc71660415722fb739fdec8bf0ad401f3635f3bd51
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/phlox-pro/custom.css?ver=5.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 22:58:04 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1824
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/elementor/css/post-1497.css?ver=1634797122
192.185.24.224 200 OK 1.9 kB URL HTTP/2 q-sec.in/wp-content/uploads/elementor/css/post-1497.css?ver=1634797122
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9883)
Hash 9cad183f38a5ff3478f1e6a3995c3c1d
3cda58319e2ccb64de33f6543f28f1e05d1d8de9
13e034926d82ef838d726a4c84cb67a13f8ae3d169761f91861af0bf5948d061
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-1497.css?ver=1634797122 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Oct 2021 06:18:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1926
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/css/go-pricing.css?ver=5.4.15
192.185.24.224 200 OK 2.5 kB URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/css/go-pricing.css?ver=5.4.15
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash efd20682c52b01ba8c111abdb3434fcb
dea05bc2081da1dc9657c87458acef783780fe77
83b795cb7880e4c84be0a721f658c18347eb0639e0db86099fcabd924bd58388
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/phlox-pro/css/go-pricing.css?ver=5.4.15 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2463
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/auxin-pro-tools/public/assets/js/pro-tools.js?ver=1.7.1
192.185.24.224 200 OK 1.1 kB URL HTTP/2 q-sec.in/wp-content/plugins/auxin-pro-tools/public/assets/js/pro-tools.js?ver=1.7.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c2fe5f3b7d43d83580e0f0d24c31f969
aef3bd8bd35d459108a8e3c86cd76c26f627034f
f3cd4842293e9292a5f8b8eba210da0957c4382b653ec79326e9b04ee31d5ebb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/auxin-pro-tools/public/assets/js/pro-tools.js?ver=1.7.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:57:31 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1126
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
192.185.24.224 200 OK 736 B URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1801), with no line terminators
Hash ae098a17e8889ff188a7a1ca4545c729
250400844f4e830503e2e9b8642fb00bc337eb62
0f5aecfe5c23d3149b592488ac69726074ee450de920b0e7ecf3071c1acd0771
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 736
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8.5
192.185.24.224 200 OK 544 B URL HTTP/2 q-sec.in/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1193), with no line terminators
Hash f5a258ea9f1581ecbb0e72cc6665c1c3
a85af53230df5278128438f9dd3539356d65b92f
c91bcf01aa9b5858ce368bdf176b93ebe701ce72ee09f4ef132e7fa3df1b1d98
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 544
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.8.1
192.185.24.224 200 OK 792 B URL HTTP/2 q-sec.in/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.8.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash 1ca3f41c13e0027acc45f0601f8b640f
cced34af0c6a59e9cee4229faa66ab39c7031506
d3bc5eaf4c6be9473dbba690825cce9a1a6f4accb6721dae7875efef54942f41
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.8.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 23:25:06 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 792
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/auxin-pro-tools/admin/assets/js/elementor/widgets.js?ver=1.7.1
192.185.24.224 200 OK 438 B URL HTTP/2 q-sec.in/wp-content/plugins/auxin-pro-tools/admin/assets/js/elementor/widgets.js?ver=1.7.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 51d23e12e7c890168fde22896ee0d3ea
d0bf0de937f4bd659d928f721e34ccb6a0c2732c
40a3fc91e7bdbd3660238f427f817ad12af6d33c6d5c7eb4ab0bb2f3980fb239
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/auxin-pro-tools/admin/assets/js/elementor/widgets.js?ver=1.7.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:57:31 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 438
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/element-pack-font.css?ver=5.11.1
192.185.24.224 200 OK 1.5 kB URL HTTP/2 q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/element-pack-font.css?ver=5.11.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6894), with no line terminators
Hash f1c618e9e68a730e8289db950368d5ad
93b25dea0538b484a8ad18854e82643357d387d1
4cd9e923868cdf0170d72c37ab16b147597a0252577b2f8c4332d191df5ed2b9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-element-pack/assets/css/element-pack-font.css?ver=5.11.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:02:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1491
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/ep-advanced-icon-box.css?ver=5.11.1
192.185.24.224 200 OK 1.8 kB URL HTTP/2 q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/ep-advanced-icon-box.css?ver=5.11.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10449), with no line terminators
Hash 32b9efad22fa6c73de8ef64565da9f56
e86db8a91d556bee0401997c877b956b5766bd7c
4fbd0dca3d872e58742a820eb60fa98d0ad2c5ba565f24638f97198e41b8d966
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-element-pack/assets/css/ep-advanced-icon-box.css?ver=5.11.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:02:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1847
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/datatables.css?ver=5.11.1
192.185.24.224 200 OK 2.1 kB URL HTTP/2 q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/datatables.css?ver=5.11.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11331), with no line terminators
Hash 55d0c8b2b8522e1e6dc3d158733d8322
1757d77ee0c38996c78e8537d1e2e4e584752d21
be216522522156ddb0123e7b7aea2a3af35d033f035fe7ade39d7e378ca9a519
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-element-pack/assets/css/datatables.css?ver=5.11.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:02:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2067
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8.5
192.185.24.224 200 OK 483 B URL HTTP/2 q-sec.in/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash 961b384bf5b28ac673051be024563f79
606ebba9fa8aec74cf413098b084500c8b16b85c
a9c17b0e5a9c12428c6ed8d0c4622ddbae112a9ac19bccf451f125972cd91935
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 483
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.3
192.185.24.224 200 OK 3.0 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2997
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/elementor/css/post-56.css?ver=1634797122
192.185.24.224 200 OK 3.3 kB URL HTTP/2 q-sec.in/wp-content/uploads/elementor/css/post-56.css?ver=1634797122
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19491), with no line terminators
Hash 0b2f93e6e4a9099208027b868437fe0d
02af636e9aa21737522ebe0fca884ec2886575f4
58619e97bed91d6669019e854dce8541e75cbeb529e8a2534b6fc48dbac073ed
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-56.css?ver=1634797122 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Oct 2021 06:18:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3288
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/wp-util.min.js?ver=5.8.5
192.185.24.224 200 OK 709 B URL HTTP/2 q-sec.in/wp-includes/js/wp-util.min.js?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1305)
Hash e9edb7bac979409cf7dbc48d7ab8aca7
ed3f941a8fe41e3994a3ca5e620219328628f532
2a0742cad9937c742b2f51c1ea2ae48359ce8d88d8b56f6d8910c0a267d631b5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 709
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/auxin-portfolio/public/assets/js/portfolio.js?ver=2.2.2
192.185.24.224 200 OK 742 B URL HTTP/2 q-sec.in/wp-content/plugins/auxin-portfolio/public/assets/js/portfolio.js?ver=2.2.2
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e173c289e499f363a95e4784c03bf1b1
adf00ed43f1e1bc851e79853e6b5cf5017a5f9bb
7c03b7b6d8ebc7016308d4d6543aeebf9c9295621582687d0a3777a1ba1ec77b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/auxin-portfolio/public/assets/js/portfolio.js?ver=2.2.2 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 19 Sep 2021 11:31:19 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 742
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.8.1
192.185.24.224 200 OK 1.1 kB URL HTTP/2 q-sec.in/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.8.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash cd0d4a61ea66e2609f7fafca802e10c8
6c2f2a32371a7cb6c34cd0d7abd5ca653058b6e1
21a6739f80cd455c35620bf9869f312c4ff0b7e5d4b6d6cc8401bd5deba54c1a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=5.8.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 23:25:06 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1093
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.24.224 200 OK 4.6 kB URL HTTP/2 q-sec.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/auxin-elements/admin/assets/js/elementor/widgets.js?ver=2.8.9
192.185.24.224 200 OK 712 B URL HTTP/2 q-sec.in/wp-content/plugins/auxin-elements/admin/assets/js/elementor/widgets.js?ver=2.8.9
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d6a9437fa5200fd490b012cdf8be0ceb
fe3ee9a5fc4851daa7373288273721afeef944ad
65e2dee0092ca0edef6423840c590f3ba0d6a2fda79be357ba60204436c369f0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/auxin-elements/admin/assets/js/elementor/widgets.js?ver=2.8.9 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 19 Sep 2021 11:31:18 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 712
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.8.1
192.185.24.224 200 OK 1.0 kB URL HTTP/2 q-sec.in/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.8.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.5.8.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 23:25:06 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1000
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.3
192.185.24.224 200 OK 4.4 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14869)
Hash 7bab7ad64ffbd7846dd6819250b93e2e
c924918d540389aff62220088b6761f38a5da272
045250efe67364c953a91f6a60cf407ebb5cfdb2da04e84c3d98e5bab5eca9ba
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4359
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/wp-embed.min.js?ver=5.8.5
192.185.24.224 200 OK 777 B URL HTTP/2 q-sec.in/wp-includes/js/wp-embed.min.js?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391)
Hash 06ece4d01ee88297957c9f4cdcaa4df5
2b3321654a8ead1e1493eac9b5f1fdfb65e2037f
0b17eb6ab02e69f50ac52ca157375bd69853ae4f4796eb48a35eb4a12fc7af8b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/wp-embed.min.js?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 777
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/elementor/css/post-58.css?ver=1634797544
192.185.24.224 200 OK 7.6 kB URL HTTP/2 q-sec.in/wp-content/uploads/elementor/css/post-58.css?ver=1634797544
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18269), with CRLF, LF line terminators
Hash e35f9740874f20fe4e22bfec801262e1
d8f74d1f51254313c41757b748a176b605577862
55b765c406aa3ab268d7a0fe57158034f31e3a2517ab981b26cb9f805d28caff
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-58.css?ver=1634797544 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Oct 2021 06:25:44 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7593
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.1
192.185.24.224 409 Conflict 83 B URL HTTP/2 q-sec.in/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/ep-woocommerce.css?ver=5.11.1
192.185.24.224 200 OK 7.9 kB URL HTTP/2 q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/ep-woocommerce.css?ver=5.11.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36008), with no line terminators
Hash 5fa020dae8ecec2f083a683329f706a3
108ef3be8c215c20dd9fd3567a4a55a6c7d04349
58488163c86446d37110d405a2a60eb4c32e29ffeff2811a6b31f81e0fd4556a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-element-pack/assets/css/ep-woocommerce.css?ver=5.11.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:02:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7930
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/css/auxin-icon.css?ver=5.4.15
192.185.24.224 200 OK 8.8 kB URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/css/auxin-icon.css?ver=5.4.15
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (308)
Hash d89845fa583c0ce1e1eb30592b1899ea
223851d4ea5c48597a6fd48d3d125d728c325edf
d0fb2f25d28640eefd145d8fefd98ed5b1ad197ae2bb87dcf643398b75afd80a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/phlox-pro/css/auxin-icon.css?ver=5.4.15 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8825
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
192.185.24.224 200 OK 13 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57726)
Hash dc63c0a8e2d5857cc7a00a4b5456dabb
ee29df5eb2a4bf3eb805b160551c1afd84b42599
035ef40b1dd3df1eefb2dd3c8c2096425727fb939b06f3aa0bc6ef91dafd5441
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12577
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.12.1
192.185.24.224 200 OK 1.7 kB URL HTTP/2 q-sec.in/wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.12.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4180)
Hash 929ffeaa26bd2ea59f322b35185f4f21
032d4993ee5e405bc914624b572abbce631786d2
3dfd4be01436edd7bddf4832ddfd97f2fb930908095641de0f8a763c6a5bc191
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/ui/controlgroup.min.js?ver=1.12.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1737
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.6
192.185.24.224 200 OK 16 kB URL HTTP/2 q-sec.in/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.6
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 0037a4f54e08da3820effdb14e066c05
e6380be62a9beb312465b7440f3d7483bf2b42ee
049f49bae85c6647acf82b2390d121d8c0e212d0a6dc53ac8dff5dde31eb26da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.6 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:57:35 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 16395
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/jquery/ui/button.min.js?ver=1.12.1
192.185.24.224 200 OK 1.8 kB URL HTTP/2 q-sec.in/wp-includes/js/jquery/ui/button.min.js?ver=1.12.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5391)
Hash 014eba142f35916b63596c1476636d7b
07508bdb564f41c59e13c9e182bae2ff404714c4
c638181248ee45eeb467576eb6171756ad52d4e4cf2ed3931aaa7ff8d675fe83
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/jquery/ui/button.min.js?ver=1.12.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1846
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.12.1
192.185.24.224 200 OK 1.6 kB URL HTTP/2 q-sec.in/wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.12.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4182)
Hash 04e710f63eaa3da89a177b4cc321de92
822c102a85b13988b2de4ab26d2558f6b00a2526
86286642587443e90df9bf8ba2a8e69689616b9f65303334dce17ea46a77f3c0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/checkboxradio.min.js?ver=1.12.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1580
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
192.185.24.224 200 OK 3.7 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3747
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/double-aarow-2.png
192.185.24.224 200 OK 1.0 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/double-aarow-2.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b76c1234fc78894e09484445dc36c63
81832ab0f773958496635804462f8c8d87f2283b
f3f5f6f142c3e40ad4003c34c6c31b618105a166bc725625f05212b161287dfc
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/double-aarow-2.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:54:11 GMT
accept-ranges: bytes
content-length: 1022
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/auxin-elements/public/assets/js/scripts.js?ver=2.8.9
192.185.24.224 200 OK 2.9 kB URL HTTP/2 q-sec.in/wp-content/plugins/auxin-elements/public/assets/js/scripts.js?ver=2.8.9
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f00722bae3874aae8ac586e98505deeb
563dd62ce5e0ab38a40c8b70c442d34cded03e4a
6c77a912e904a59b6c996429d2584064c4eae8058fab55f9572080762aa32b43
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/auxin-elements/public/assets/js/scripts.js?ver=2.8.9 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 19 Sep 2021 11:31:18 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2909
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.8.1
192.185.24.224 200 OK 4.0 kB URL HTTP/2 q-sec.in/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.8.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9151)
Hash 338b374df64ac61f520f0dc2c42f84a4
7f5d52c9681f54bd3adbda325dffaac88b48839f
c411e1e640b16842b6142a6e4db4b7172abedc8740b0944fc7c510c7f8f85609
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.5.8.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 23:25:06 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3952
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/mail-3.svg
192.185.24.224 200 OK 472 B URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/mail-3.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (472), with no line terminators
Hash 8077b9488d57ac086e380335df3327e2
eca2401d69c2ea28b32df786b44f30aa72a78bc7
404f8261e1e38f8cd592cd8b1b926210de9b189272a17a55f41529c2a5eb39ad
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2021/08/mail-3.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 05:24:42 GMT
accept-ranges: bytes
content-length: 472
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/location-6.svg
192.185.24.224 200 OK 1.1 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/location-6.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1134), with no line terminators
Hash 0b22a3e4c82fee28077225625bf7fa17
99b4023170dd3050ca07385d0fce3b0fffe495b5
c1483511bc5de547f0f7d4a6674eabe5ae29577b5feaba1ec7fa6ab195f589d4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2021/08/location-6.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 05:24:40 GMT
accept-ranges: bytes
content-length: 1134
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=5.8.1
192.185.24.224 200 OK 4.5 kB URL HTTP/2 q-sec.in/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=5.8.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13595), with no line terminators
Hash a7678a2219bac92e636580621aaac465
75f418b7f0614812f972b8c1c676ce7975c4ac6d
956689e4f6e951114a6b5bc5cf7d8608e00829910ad1188202399a140500680e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=5.8.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 23:25:06 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4497
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.0
192.185.24.224 200 OK 374 B URL HTTP/2 q-sec.in/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.0
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (754), with no line terminators
Hash ef785f463505633971eae5c08ad626d4
624e22257f386801822229db3a4bbd2e24b25e2f
b2a0dc77f0f79d81698a7e3893e16ecba7b0d980b80a5233656d9b11f1d8160d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.0 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:03:15 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 374
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.3
192.185.24.224 200 OK 1.2 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2577)
Hash 159281ac01a46f042b38d0d44cf3eb7a
54677be6b1cf85899d2ab1a6fada531ca5613d29
0738d3f931e8df2b67f3be1ec216b103560266c56cc38fdafae055bcb807ffea
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1151
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/target-3.svg
192.185.24.224 200 OK 2.0 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/target-3.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2010), with no line terminators
Hash 3e88b35ed0c5d4198106004fe144bc5b
316899d690d5f6d000a5894f1dd43b2ebfdf5a13
ab761725be71a25929fbacb1dbcabcf059cc03bd31bcfc9addf992ff310866eb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/08/target-3.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 12:03:05 GMT
accept-ranges: bytes
content-length: 2010
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/glass-logo-1.png
192.185.24.224 200 OK 1.6 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/glass-logo-1.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 65176c6bb103bd6b166c90e27ca4f5f1
195ac462ab62607dc1db22463a81444342cc9894
39d18462517ae1f2c5f8bd95a52ae0924c82a4f9c06bfca8aa7ec2a9c440f764
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/glass-logo-1.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:46:04 GMT
accept-ranges: bytes
content-length: 1608
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/phlox-pro/custom.js?ver=5.6
192.185.24.224 200 OK 151 B URL HTTP/2 q-sec.in/wp-content/uploads/phlox-pro/custom.js?ver=5.6
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 645bc3de93d99657553fde94f17db939
d953ddb6c9815423f168faeca9e7471cfde1a838
4d0e56b49c823d7a8071ab3d2c0fd51cfc584b9e5ff3a4cd39098ae1c3c1213e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/phlox-pro/custom.js?ver=5.6 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 22:58:04 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 151
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/umbrella-logo-1.png
192.185.24.224 200 OK 2.2 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/umbrella-logo-1.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 094c2848e4773124d53a81b613b4b442
37e7f6dd1ed84e9cf418c0e99ad7d312af5c5af1
eee377b54be5d4a867c295774d143143a2ab8f590262fd69fca5bb132e3bbb38
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/umbrella-logo-1.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:47:13 GMT
accept-ranges: bytes
content-length: 2190
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/phone-4.svg
192.185.24.224 200 OK 1.8 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/phone-4.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1847), with no line terminators
Hash 4575f38b972f42f274edda066c2c426b
e22bb6aa4401dab36052c0095ca2a53423462457
674f50611392e67df3b087b147238d350328d40ebdfc8338f917048427a2a053
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2021/08/phone-4.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 05:24:43 GMT
accept-ranges: bytes
content-length: 1847
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/fire-logo-1.png
192.185.24.224 200 OK 3.2 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/fire-logo-1.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash eac5ea8030b2a9238c452922a4912be9
4c7861a42e60c78439181489ffd43c46e97ce5ca
aa75b0a2a166a94cc7c1dfb3dbea9733efef02db7dea8b013d1e549e716c9785
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/fire-logo-1.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:54:49 GMT
accept-ranges: bytes
content-length: 3247
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/rupees.svg
192.185.24.224 200 OK 3.3 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/rupees.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3336), with no line terminators
Hash c76f257eedb859586f2c35b35b0f682f
9d697561110dc5729981bc5a169f826d4ae3616f
797cab9354286c964748b08ef7b6df1778fec9663dd2b9e6fc917a1fcd767904
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2021/08/rupees.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 12:52:52 GMT
accept-ranges: bytes
content-length: 3336
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/product-1.png
192.185.24.224 200 OK 3.2 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/product-1.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c81e82f81a6940928f46357ba7dae041
dc85f8b527478f1fdabbbeaf7fc5e9cf11f9a8e8
4ced445e6de3359b7204dc1f8716dbb399e37dea6bbac8dc90ec5fef0c060f35
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/product-1.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:49:47 GMT
accept-ranges: bytes
content-length: 3183
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/isi-logo-1.png
192.185.24.224 200 OK 2.9 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/isi-logo-1.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 8661c82095eea0542b5834f0e2962337
c5f20af6f8d7ec2ea7733b7f24f546a5f61244a3
d7a5cedc4d389fb344312139d864ead4e9232bed4e69df89942caf9a12710a47
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/isi-logo-1.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:46:56 GMT
accept-ranges: bytes
content-length: 2933
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.3
192.185.24.224 200 OK 2.3 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4921)
Hash 81f5a09275fd7706db96f0c713845671
5001205c96421643ced2980c71aaac868459859d
a3a4e6ffd44ff39605d0f2b45a55d178ca1241bcd364d8c13091d71be0c2cb76
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2314
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/product-1.svg
192.185.24.224 200 OK 3.8 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/product-1.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3793), with no line terminators
Hash 49a798a37e06d5f8a090734204aa20f2
f07733218703988a3cbb7745fd018b8e15159238
2f1a6501dd525a7fd55fa7503c491d800130a40fbf5aae103511669a8cef7e11
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/08/product-1.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 12:49:42 GMT
accept-ranges: bytes
content-length: 3793
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/ambrella-logo-1.png
192.185.24.224 200 OK 2.7 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/ambrella-logo-1.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 40b8bca42e8b3d832a5517eef34aed82
3ecbca10b9da4c0da535e2664ae04dd982916f3f
1b1ed181a88f776b2e05c99e0a7b509a0fe73727e98da8b69fb35ee0ef1cf555
GET /wp-content/uploads/2021/09/ambrella-logo-1.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:48:16 GMT
accept-ranges: bytes
content-length: 2721
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/ce-logo-1.png
192.185.24.224 200 OK 4.2 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/ce-logo-1.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 79ce2eb3cb4965da2c5c142a73f0e6e8
7a861a282d5a029cdf0bf00f0e9b53353cec1c88
08feac10e980ddc245134d4948cecb9abc3421db9dd2850e22607502dc6fced2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/ce-logo-1.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:48:52 GMT
accept-ranges: bytes
content-length: 4188
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.3
192.185.24.224 200 OK 5.7 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (14238)
Hash b86a6723529a6b9056c3f6af46959565
01deea34facad6127e0ac241cd41b4e162a28074
145f07e0da14df6edd39374060d255727a47ceb817d67abd6d38a2119e5aa340
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5676
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/jquery/ui/spinner.min.js?ver=1.12.1
192.185.24.224 200 OK 2.8 kB URL HTTP/2 q-sec.in/wp-includes/js/jquery/ui/spinner.min.js?ver=1.12.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7352)
Hash b0d2bccfc7effef9e4daca70efe8fdf2
37864a8fa85c63c2c599a36e9f897093467c7eea
d5dc941133ffd4fe2cc5b47a8acf768f78825dbd3b2a8a7aa553ce9a11489119
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/spinner.min.js?ver=1.12.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2763
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
192.185.24.224 200 OK 2.6 kB URL HTTP/2 q-sec.in/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6406), with no line terminators
Hash 340db4973d1ee14c5348599f661a3220
d4cf31e2af7774c276d7a883733a8392e232df49
85d0de0d6dbe1f487407829c52413d7e81c7c9ed28bc3ae9079c19303e91f678
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2635
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/wpt-whatsapp/assets/js/public.js?ver=5.8.5
192.185.24.224 200 OK 2.8 kB URL HTTP/2 q-sec.in/wp-content/plugins/wpt-whatsapp/assets/js/public.js?ver=5.8.5
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 7319f4ff1be6f38b7431b8d5a0d88d50
49904939787befd3b1d139ea04130691c8a0d9ae
a8d1f92d23a8149fd222a9510c665abc7e37aa7cc5dee06ed5076597f92997a4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/wpt-whatsapp/assets/js/public.js?ver=5.8.5 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 12:07:10 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2836
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/swachh-bharat-1.png
192.185.24.224 200 OK 6.7 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/swachh-bharat-1.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 9b6a3ce0ab80dbd27ffc23498c7e0061
e965d7c9cc5a1d60e99cb3713353c548f7632d52
00977c7ac402a2f9cf3e20a6d3bcc7427b603929a81f1a23a9b1bc7884c60a52
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/swachh-bharat-1.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:51:37 GMT
accept-ranges: bytes
content-length: 6707
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/go-green-2.png
192.185.24.224 200 OK 7.2 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/go-green-2.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 132a9672a588693eddd170cc457ae25a
1dfa36f17986e9295862311e9e07c0350488fe04
4ef4c6567aac096bfc5e6e2d6b1ab3916d9249f14753e575ce695d141f163c26
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/go-green-2.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:46:09 GMT
accept-ranges: bytes
content-length: 7241
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/enerygy-saving-1-logo.png
192.185.24.224 200 OK 8.2 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/enerygy-saving-1-logo.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b6af7792e226d22ab3c24828aadf751
3c26733c4e7ded3b58623f5f6f273bcdf476547d
f441ceaf919c137485ce83da6f02000c6a39536baac23489d15f411450415907
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/enerygy-saving-1-logo.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:33:56 GMT
accept-ranges: bytes
content-length: 8224
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/save-water-1.png
192.185.24.224 200 OK 8.9 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/save-water-1.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash a19746d80f28ee8e43f022346d2f3041
0fc2d4719fe4a94c2a76bc06d9548a9cc6850ddd
d8b7a95335a5661e2d4389775e09d1b7d9274d669aca2ba86a508c13043d94f0
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/save-water-1.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:47:25 GMT
accept-ranges: bytes
content-length: 8944
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
192.185.24.224 200 OK 6.9 kB URL HTTP/2 q-sec.in/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash 122fe79a1d53d10946cded540d2e219f
6271fdf889afe8a13d7c69efea9b40cbd0d81939
94cb1b0ca86f7f0bb7bcc81b42a06b6199bd37ff77ca88dccf3acc92683f3e24
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 6935
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/make-in-india-1.png
192.185.24.224 200 OK 9.5 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/make-in-india-1.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash db1b17aad3de3133dcff0bb7b8ec2e8c
1d902f2289b4f50a5cc896586cf0a482fe7b922b
a0977d7266ded3e9b9eac65a08b49e358c23a25be293e767a5eab09afd9790aa
GET /wp-content/uploads/2021/09/make-in-india-1.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 20 Sep 2021 07:50:49 GMT
accept-ranges: bytes
content-length: 9509
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
192.185.24.224 200 OK 4.2 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10544)
Hash 552977febe8ef2c71b0806dfaefd2552
01baebfd09383c5d44f066e7b5540fcca6a5eae4
7895907f5a4f54c08c4705b1a194e21c556d68027c5e0a70d4c05b377e712b1d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4200
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/strategy-1.svg
192.185.24.224 200 OK 10 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/strategy-1.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4008)
Hash e9474aaf94f51f7710181042eb6dd453
7e8d8362b117113c5f75ba18419c3733f8814caa
6904df688dc82c48650171e83a3fc3843f57fc95168ec3b708694233d3b59539
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/08/strategy-1.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 12:05:02 GMT
accept-ranges: bytes
content-length: 10400
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/QSEC-LOGO-e1629286192841.png
192.185.24.224 200 OK 12 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/QSEC-LOGO-e1629286192841.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 220 x 142, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e79b2609ab93c0e27e9bd3cd498b29b
af5cdc4233be7c86388293192e7e5bbbd74b3183
e8f3f33f4e32e050114c906e7e32b35c2b8e3cd2072c8fd4c70ed4f4dc35f77f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/08/QSEC-LOGO-e1629286192841.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 11:29:52 GMT
accept-ranges: bytes
content-length: 12144
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/innovation-1.svg
192.185.24.224 200 OK 14 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/innovation-1.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (14028), with no line terminators
Hash 39a4c8cd730e46168df2da9ae511997d
c2b6aae6b5289958fcc798dbb1c2a33a07f598fe
5eb16631bf844a2d6742ca50020114d5a876b15c0a9833dff275f55bbc03d8b7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2021/08/innovation-1.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 11:54:45 GMT
accept-ranges: bytes
content-length: 14028
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
192.185.24.224 200 OK 8.2 kB URL HTTP/2 q-sec.in/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7973)
Hash 6e3b0317803aa9f226979ad7a7e77593
c95b4f532fd03f3754bf63139a57aab65fbe8a25
84520e8f7a292cb992fa9c62932245f598c6fa043fd4e19eadb6ad9a767dca6f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8223
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/auxin-shop/public/assets/js/shop.min.js?ver=1.8.1
192.185.24.224 200 OK 5.8 kB URL HTTP/2 q-sec.in/wp-content/plugins/auxin-shop/public/assets/js/shop.min.js?ver=1.8.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16620), with no line terminators
Hash 49ccdb2f595feb462fee2880e8b2747c
d00dc3a1876ec32e963cee23b80d67eeb4d33283
eed274d1d81623ad8bc418b5dc1d0d48cfc7d9dc905257b51bfb4491dd92a7e4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/auxin-shop/public/assets/js/shop.min.js?ver=1.8.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:57:34 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5843
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/v3-submersible-pump-500x500-1.jpg
192.185.24.224 200 OK 18 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/v3-submersible-pump-500x500-1.jpg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 95de63ef41b768d9946f5f1d3e8d082e
ce973527fe483a1591c6f79dd54b53b32a6fb3e7
383eb5faa51becf174244d1b712d18744af3242342f2fe607c42abc64e3c6701
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/v3-submersible-pump-500x500-1.jpg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Sep 2021 10:08:00 GMT
accept-ranges: bytes
content-length: 18014
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/wp-ulike/assets/js/wp-ulike.min.js?ver=4.5.6
192.185.24.224 200 OK 5.6 kB URL HTTP/2 q-sec.in/wp-content/plugins/wp-ulike/assets/js/wp-ulike.min.js?ver=4.5.6
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16493)
Hash 5caf60bb61f4aafbb362a725600935da
52240d092a66ae79c01b579b0c339b44266809fd
6a307fb9aa2635fc7a16eae5c4cc6cb028d6858b7697009d352cd2befec37b8a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/wp-ulike/assets/js/wp-ulike.min.js?ver=4.5.6 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:03:11 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5612
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/masonry.min.js?ver=4.2.2
192.185.24.224 200 OK 9.2 kB URL HTTP/2 q-sec.in/wp-includes/js/masonry.min.js?ver=4.2.2
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23966)
Hash 2a730dafa34e6ff81513d31e486cdbdb
1fce17d256f67ae086d74092a03006997d9b0add
7a5fd36a453a3a7471fa93b8169579f9a98e2df7a262c44d28d3de41a0f7ae1c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 9216
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/v4-submersible-pump-500x500-1.jpg
192.185.24.224 200 OK 20 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/v4-submersible-pump-500x500-1.jpg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash f7e59d95317c5d180ca68fd8d78b0d30
20041a3f9279c2e3934c96827a35f8ab0bca553c
7b5061d9edfb74e5c9c567d84fd8775f298847fb843f77d1ddf0f14f9f082085
GET /wp-content/uploads/2021/09/v4-submersible-pump-500x500-1.jpg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Sep 2021 10:08:12 GMT
accept-ranges: bytes
content-length: 19788
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/auxin-elements/public/assets/js/plugins.min.js?ver=2.8.9
192.185.24.224 200 OK 12 kB URL HTTP/2 q-sec.in/wp-content/plugins/auxin-elements/public/assets/js/plugins.min.js?ver=2.8.9
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (31771), with no line terminators
Hash b893db8d7266f1ad0b4de2acc31f69e4
76627f47b9c35964418f93a6bd198a73977ba17d
8d608a85750a58ac31036c20dd14a3fb8fd10f2c4ba18d2519a4dbc9dfcf97d5
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/auxin-elements/public/assets/js/plugins.min.js?ver=2.8.9 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 19 Sep 2021 11:31:18 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 11521
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/underscore.min.js?ver=1.13.1
192.185.24.224 200 OK 8.3 kB URL HTTP/2 q-sec.in/wp-includes/js/underscore.min.js?ver=1.13.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19041)
Hash e45e83fd86a608f36eed8d8178c0c218
84cbfc05d78d37a27374bb30ac9b933a8d4ce3e6
0e64084fe2aa346fffd15ce84b27ac3a62f7b8e555f563a4d919766a777f5262
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8329
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f08468f742203b67cafd4eb9d919877c
0ab9c6875fa317315e2e7dcdb1ba8c5d28bfef68
b66d3243be1a67a813352f3c2efa4259d4e0c7960b2206a381b52ee97dc3ff23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
q-sec.in/wp-content/uploads/2021/09/v7-0.5-1-hp.jpg
192.185.24.224 200 OK 50 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/v7-0.5-1-hp.jpg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 12650905c2527fcd39f5271a81c6e0be
5c829fa50bc57623335b903a2c67a0a31f15abb0
eea508823b0f3de54c389b354906d5cb6301d0bf2afe440e3a4ae13ab0b49117
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/v7-0.5-1-hp.jpg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Sep 2021 13:19:47 GMT
accept-ranges: bytes
content-length: 50261
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/js/scripts.min.js?ver=5.4.15
192.185.24.224 200 OK 15 kB URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/js/scripts.min.js?ver=5.4.15
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (46479)
Hash 97b2a88a6fdbb7f3dedfc1e44790eaa7
2267f22344926ee28d8ce0eab15674ef5f6b0f17
634bc454b34c784b15c2a4589de60b53fe5b5c805785f96abafe0a049d37334a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/phlox-pro/js/scripts.min.js?ver=5.4.15 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 14710
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/ci-body.jpg
192.185.24.224 200 OK 99 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/ci-body.jpg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 500x500, components 3\012- data
Hash 099cca965834aee9ea207152f0fbe9ad
74624147df77aa377bdeb2050272e9ba9b1a09da
11d6d4b8c44a9c81106f00de7381d932564d5704778dfa5ee65ecd79920ddd3b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/ci-body.jpg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Sep 2021 13:19:18 GMT
accept-ranges: bytes
content-length: 99038
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/link-01.svg
192.185.24.224 200 OK 97 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/link-01.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c857b75ead42c6205762e703b34fb587
ddc7aa09b5bd5f1a63b817bd6d45c51b7c8825e6
8b791800286869c469933b824e6aa97e793297240c30da2c4e87a388680282da
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads/2021/08/link-01.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 26 Aug 2021 05:34:28 GMT
accept-ranges: bytes
content-length: 96906
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.3
192.185.24.224 200 OK 15 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (37702)
Hash 3a70b112a41dd734c1190912d09ded2b
378e29d279fbf0abeeaecaa605e4104cbe9094c3
8d7b9da7276de97df7f15301c051cb4bf0090a0d38210e707aafc5ee172f9df0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 14706
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.3
192.185.24.224 200 OK 17 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43353)
Hash 40b76abcdf839d3fac5fe68a06c885eb
d516e72be4c6dd97cc49005285d96e02e112187c
8e53f3abf68a0d709e18ae3d8aca645ca0bcd29eeeac767bee38f69c81429a6f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 16889
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-DBC7NJEVV7&gtm=2oe9l0&_p=828950059&cid=1847939473.1663911140&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663911140&sct=1&seg=0&dl=https%3A%2F%2Fq-sec.in%2F&dt=Best%20Submersible%20Pump%20Manufacturers%20in%20Rajkot%20India%20-%20Qsec%20Pump&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-DBC7NJEVV7&gtm=2oe9l0&_p=828950059&cid=1847939473.1663911140&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663911140&sct=1&seg=0&dl=https%3A%2F%2Fq-sec.in%2F&dt=Best%20Submersible%20Pump%20Manufacturers%20in%20Rajkot%20India%20-%20Qsec%20Pump&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DBC7NJEVV7&gtm=2oe9l0&_p=828950059&cid=1847939473.1663911140&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663911140&sct=1&seg=0&dl=https%3A%2F%2Fq-sec.in%2F&dt=Best%20Submersible%20Pump%20Manufacturers%20in%20Rajkot%20India%20-%20Qsec%20Pump&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://q-sec.in
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://q-sec.in
date: Fri, 23 Sep 2022 05:32:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:32:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/k2d/v9/J7aTnpF2V0EjcKUs.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/k2d/v9/J7aTnpF2V0EjcKUs.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12732, version 1.0\012- data
Hash b90cc900842c79cac28647223c37854f
5722106d3b0553e9b4232c25c36585dea76cf645
2e687cd9d72613f501accd897ef9c87d17c6e5ef5406bb4fe4a516baa22bc53e
GET /s/k2d/v9/J7aTnpF2V0EjcKUs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://q-sec.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12732
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 20:12:50 GMT
expires: Wed, 20 Sep 2023 20:12:50 GMT
cache-control: public, max-age=31536000
age: 206372
last-modified: Tue, 26 Apr 2022 15:25:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bebasneue/v9/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/bebasneue/v9/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13416, version 1.0\012- data
Hash ee8b62d0a7c20d589e293d284eb9f2cf
bbd002e3a3aac2a6937b7b31bbca14d43acb8363
5b4101d4a007ce5231c65dd082b9542ffd40b6e12cc9ea67de9b54063bbbf073
GET /s/bebasneue/v9/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://q-sec.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13416
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 03:07:01 GMT
expires: Thu, 21 Sep 2023 03:07:01 GMT
cache-control: public, max-age=31536000
age: 181521
last-modified: Tue, 19 Apr 2022 19:07:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/k2d/v9/J7aenpF2V0Err4E5k5Y9.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/k2d/v9/J7aenpF2V0Err4E5k5Y9.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13292, version 1.0\012- data
Hash 0eaf4357246a0227dd99d17c732b2036
73e46af28011842777b5569c4d31d95ad6b1d8e0
61bed77dab062da0303d6ac8280a482065bd32506328ff76c77c0afb9ae55d65
GET /s/k2d/v9/J7aenpF2V0Err4E5k5Y9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://q-sec.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 04:46:42 GMT
expires: Thu, 21 Sep 2023 04:46:42 GMT
cache-control: public, max-age=31536000
age: 175540
last-modified: Tue, 26 Apr 2022 15:25:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/k2d/v9/J7aenpF2V0Ery4A5k5Y9.woff2
142.250.74.163 200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/k2d/v9/J7aenpF2V0Ery4A5k5Y9.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13468, version 1.0\012- data
Hash ee8bf062ea6096114e2d6525a0aa5d05
59970ddff0919e66d704a73ee0de5da18714d511
881b3f710e78d77caf53f685059c6678bd0549333e5e0cc0d632d4bcef17bf31
GET /s/k2d/v9/J7aenpF2V0Ery4A5k5Y9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://q-sec.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13468
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:16:19 GMT
expires: Fri, 22 Sep 2023 20:16:19 GMT
cache-control: public, max-age=31536000
age: 33363
last-modified: Tue, 26 Apr 2022 15:21:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/k2d/v9/J7aenpF2V0Erg4Y5k5Y9.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/k2d/v9/J7aenpF2V0Erg4Y5k5Y9.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13392, version 1.0\012- data
Hash 256a9d6223d3039607a139143b74fdc9
b4aa6b3954b272869525a55c9815352157633eea
cb365b7044332114ca3e2972bb20ff5cf06fbd84fd3111559aef2ea561c65b9e
GET /s/k2d/v9/J7aenpF2V0Erg4Y5k5Y9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://q-sec.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13392
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:47:29 GMT
expires: Fri, 22 Sep 2023 06:47:29 GMT
cache-control: public, max-age=31536000
age: 81893
last-modified: Tue, 26 Apr 2022 15:21:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash edd6c63988b69a64a51433c3fd91b0ba
a0a41a5403a2c397d70cfa267c1d6407250df043
c9b1efff4ebf41ad54d3137ee7a93b688c66765df99e387ae730b39abe2f115f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Sep 2022 05:32:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
q-sec.in/wp-content/uploads/2020/04/footer-1_11zon.jpg
192.185.24.224 200 OK 87 kB URL HTTP/2 q-sec.in/wp-content/uploads/2020/04/footer-1_11zon.jpg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2560x1440, components 3\012- data
Hash bc2b013a6de3812da82b452459d19223
111a8a69705632ee1e38fc9b2a5d80ef1c833735
6ec3cf4158c3e4fbe7325771972c5b75d9054755d9cbadc2a03c4b292b82df2e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2020/04/footer-1_11zon.jpg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/wp-content/uploads/elementor/css/post-56.css?ver=1634797122
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 26 Aug 2021 10:01:20 GMT
accept-ranges: bytes
content-length: 86903
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:22 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
192.185.24.224 200 OK 92 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 92444, version 1.0\012- data
Hash e5d9164498f1649084fe6fb95d3ad593
29e71123f8ef22f20f8d50bc4caac9db6e04a824
1525cd3ea05d1c00e4b385e781749c3bac5c01570b5800198bec0a252bb6c715
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://q-sec.in/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
content-length: 92444
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:22 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
192.185.24.224 200 OK 77 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
content-length: 76764
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:22 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
192.185.24.224 200 OK 78 kB URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://q-sec.in/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
content-length: 78196
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:22 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: font/woff2
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/revslider/public/assets/assets/dummy.png
192.185.24.224 200 OK 68 B URL HTTP/2 q-sec.in/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:57:35 GMT
accept-ranges: bytes
content-length: 68
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:22 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads//2021/08/QSEC-LOGO.svg
192.185.24.224 200 OK 7.0 kB URL HTTP/2 q-sec.in/wp-content/uploads//2021/08/QSEC-LOGO.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3661), with CRLF line terminators
Hash ea77f672d35a7e451bc9137f9eb53d43
9579271cacb2e826d8edb1960755d6658c6b9c17
57d31860aef56bdfb6c15c01ef686c94a32a15e40c3cac38f8683fd949cd9fad
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/uploads//2021/08/QSEC-LOGO.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 04:52:04 GMT
accept-ranges: bytes
content-length: 6950
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:22 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.1
192.185.24.224 409 Conflict 83 B URL HTTP/2 q-sec.in/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/css/images/svg/symbols.svg
192.185.24.224 200 OK 36 kB URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/css/images/svg/symbols.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1030)
Hash 355b57fa7f8cf5fb6cfa8d7f648081b2
b08aa2cd55c7b83fb6268a23ffe62a3bf70bac96
6e374834b5250534c7a0d1ee195ff202bfcac639f55bc3c4a7ceb611b5591c2e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/phlox-pro/css/images/svg/symbols.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/wp-content/themes/phlox-pro/css/main.css?ver=5.4.15
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
content-length: 35726
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:22 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/?wc-ajax=get_refreshed_fragments
192.185.24.224 200 OK 161 B URL HTTP/2 q-sec.in/?wc-ajax=get_refreshed_fragments
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with no line terminators
Hash 650d329ca7144ad1b254f70cec48c223
05e4429056d334328c79307d47cb4f2437037c25
2343b049d208442d3efabc649b5f659a589a5bbb8d5e92f1fffb474775331fea
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://q-sec.in
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://q-sec.in
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 161
content-type: application/json; charset=UTF-8
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/product-copy-min.png
192.185.24.224 200 OK 135 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/product-copy-min.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 788 x 751, 8-bit colormap, non-interlaced\012- data
Size 135 kB (134595 bytes)
Hash 83132c50d963b46d1516f0c515ba2997
dbd38ebd72fe41a0f50dbe7348bcc89f97d55fc9
2d108b827a093f2c860ae7eea0693faf41e0fc39acf0d947416099d975ee370d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/product-copy-min.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Sep 2021 10:00:53 GMT
accept-ranges: bytes
content-length: 134595
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:22 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/BANNER2-min.jpg
192.185.24.224 200 OK 79 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/BANNER2-min.jpg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x767, components 3\012- data
Hash f0b8ad4ee5f50b76a525ad7e91a19201
afbc26150c53788292ce81f6d5c97d0be43cc229
ff7bd21cb8b70d41a5b306ea2be9923844171cb256e44c90303622284f7e4052
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/BANNER2-min.jpg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Sep 2021 10:01:28 GMT
accept-ranges: bytes
content-length: 79143
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:22 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.ttf?ht9wen
192.185.24.224 200 OK 34 kB URL HTTP/2 q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.ttf?ht9wen
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, element-pack\012- data
Hash d4ec35efac85882d806a0a1c47f727cc
28deedde2d87f3c383eeae2db997868eb21bed09
6a82c88dd293d45d22e5d92252a8ee9759a544e55557adc0221d8053ef65ef7e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.ttf?ht9wen HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/element-pack-font.css?ver=5.11.1
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
content-type: font/ttf
content-length: 33912
last-modified: Fri, 15 Oct 2021 11:02:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:23 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/site-icon-100x100.png
192.185.24.224 200 OK 5.7 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/site-icon-100x100.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash a2bd646f2cdd33566d063b816467f316
65079da1a51bbdf72f5ba5ac277d200bb48dfe0e
f69dcd8c517646bc30d1aa01e176ac2bda6f3624ede46481173a134e7094a23b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/08/site-icon-100x100.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 11:26:58 GMT
accept-ranges: bytes
content-length: 5655
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:23 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:23 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/site-icon.png
192.185.24.224 200 OK 15 kB URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/site-icon.png
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 27d4afe6399ae17e9681d94dd0b182e5
e49785abfc7037283c85144e4a88c9a2b8cbbf6f
af6c89fc8dfd039fa7ae65b05d49e6223aa0acdb4680d57a1aec3030c69c63af
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/08/site-icon.png HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 11:26:06 GMT
accept-ranges: bytes
content-length: 14562
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:23 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Fri, 23 Sep 2022 05:32:23 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-admin/admin-ajax.php
192.185.24.224 200 OK 604 B URL HTTP/2 q-sec.in/wp-admin/admin-ajax.php
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with CRLF, LF line terminators
Hash 7f3a9eb8de65fa10ba376a98ca6c9ddd
e995d1ab0c69467d149590f5eb400f4c6e659030
cdf5ca2d9c79a87d83d77c2d0aa6b828f042205b98cd07bdad072f17894aef85
Analyzer Verdict Alert fortinet Malware
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 40
Origin: https://q-sec.in
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://q-sec.in
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 604
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-admin/admin-ajax.php
192.185.24.224 200 OK 315 B URL HTTP/2 q-sec.in/wp-admin/admin-ajax.php
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- , ASCII text, with very long lines (648), with no line terminators
Hash 24435b615d0a081f91b811cb9399be45
618a27cad45e171d990bc40ad544301bfd64211b
cbd805595c7814e6c7b46f89dbb7f359f22f79b5aebf5cc3f2c042b02f742a9c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 43
Origin: https://q-sec.in
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://q-sec.in
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 315
content-type: application/json; charset=UTF-8
date: Fri, 23 Sep 2022 05:32:23 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/js/bdt-uikit.min.js?ver=3.7.2
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/js/bdt-uikit.min.js?ver=3.7.2
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-element-pack/assets/js/bdt-uikit.min.js?ver=3.7.2 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:02:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/css/main.css?ver=5.4.15
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/css/main.css?ver=5.4.15
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/phlox-pro/css/main.css?ver=5.4.15 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/v6-submersible-pump-500x500-1.jpg
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/v6-submersible-pump-500x500-1.jpg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/v6-submersible-pump-500x500-1.jpg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 23 Sep 2021 10:08:26 GMT
accept-ranges: bytes
content-length: 34473
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/css/base.css?ver=5.4.15
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/css/base.css?ver=5.4.15
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/phlox-pro/css/base.css?ver=5.4.15 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.5
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.5
IP 142.250.74.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.8.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 05:32:20 GMT
date: Fri, 23 Sep 2022 05:32:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.8.1
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.8.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=5.8.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 23:25:06 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1200
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400%7CBebas+Neue:400
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400%7CBebas+Neue:400
IP 142.250.74.10:0
GET /css?family=Roboto:400%7CBebas+Neue:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 05:32:20 GMT
date: Fri, 23 Sep 2022 05:32:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.6
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.6
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.6 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:57:35 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:52:42 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.6
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.6
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.6 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:57:35 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/js/element-pack-site.min.js?ver=5.11.1
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/js/element-pack-site.min.js?ver=5.11.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/bdthemes-element-pack/assets/js/element-pack-site.min.js?ver=5.11.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:02:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/bdt-uikit.css?ver=3.7.2
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/plugins/bdthemes-element-pack/assets/css/bdt-uikit.css?ver=3.7.2
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/bdthemes-element-pack/assets/css/bdt-uikit.css?ver=3.7.2 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 15 Oct 2021 11:02:52 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/agri-image-1..jpg
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/agri-image-1..jpg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/agri-image-1..jpg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Cookie: _ga_DBC7NJEVV7=GS1.1.1663911140.1.0.1663911140.0.0.0; _ga=GA1.1.1847939473.1663911140
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 24 Sep 2021 10:11:24 GMT
accept-ranges: bytes
content-length: 116052
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:22 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 23 Sep 2022 05:32:22 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/08/premium.svg
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/uploads/2021/08/premium.svg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2021/08/premium.svg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 13:00:12 GMT
accept-ranges: bytes
content-length: 1285
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/svg+xml
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=K2D%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CK2D%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&ver=5.1
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=K2D%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CK2D%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&ver=5.1
IP 142.250.74.10:0
GET /css?family=K2D%3A400%2C900italic%2C900%2C800italic%2C800%2C700italic%2C700%2C600italic%2C600%2C500italic%2C500%2C400italic%2C300italic%2C300%2C200italic%2C200%2C100italic%2C100%7CK2D%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&ver=5.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 05:32:20 GMT
date: Fri, 23 Sep 2022 05:32:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/js/plugins.min.js?ver=5.4.15
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/js/plugins.min.js?ver=5.4.15
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/phlox-pro/js/plugins.min.js?ver=5.4.15 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/
192.185.24.224 200 OK 0 B IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 23 Sep 2022 05:32:18 GMT
server: Apache
content-type: text/html; charset=UTF-8
link: <https://q-sec.in/wp-json/>; rel="https://api.w.org/", <https://q-sec.in/wp-json/wp/v2/pages/58>; rel="alternate"; type="application/json", <https://q-sec.in/>; rel=shortlink
cache-control: max-age=300
expires: Fri, 23 Sep 2022 05:37:18 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:21 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Fri, 23 Sep 2022 05:32:21 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/uploads/2021/09/ss-body.jpg
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/uploads/2021/09/ss-body.jpg
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/uploads/2021/09/ss-body.jpg HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 22 Sep 2021 13:18:07 GMT
accept-ranges: bytes
content-length: 68064
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.3
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.3
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.3 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Apr 2022 14:40:08 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.9.1
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.9.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=5.9.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Mar 2022 23:25:06 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2
q-sec.in/wp-content/themes/phlox-pro/css/shop.css?ver=1.8.1
192.185.24.224 200 OK 0 B URL HTTP/2 q-sec.in/wp-content/themes/phlox-pro/css/shop.css?ver=1.8.1
IP 192.185.24.224:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/phlox-pro/css/shop.css?ver=1.8.1 HTTP/1.1
Host: q-sec.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://q-sec.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 10:54:39 GMT
accept-ranges: bytes
cache-control: max-age=86400
expires: Sat, 24 Sep 2022 05:32:20 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Fri, 23 Sep 2022 05:32:20 GMT
server: Apache
X-Firefox-Spdy: h2