Report - qcleanservices.com/work-estimate

Report Overview

Submitted URL
qcleanservices.com/work-estimate
IP
192.185.111.23
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-11-26 02:13:07
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.86.38.2
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	14 kB	216.58.207.195
logicalwebsites.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	80 kB	192.185.111.23
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	47 kB	34.120.237.76
qcleanservices.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	279 kB	192.185.111.23
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	336 B	1.0 kB	142.250.74.10
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	287 B	18 kB	142.250.74.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	qcleanservices.com/work-estimate	Phishing
2022-11-26	medium	qcleanservices.com/work-estimate/	Phishing
2022-11-26	medium	qcleanservices.com/wp-includes/css/classic-themes.min.css?ver=1	Phishing
2022-11-26	medium	qcleanservices.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/styles/common-css/reset.css?ver=1.0	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/css/prettyPhoto.css?ver=3.1.6	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/styles/style1/css/style.css?ver=2.13.3	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/styles/custom/custom_style.css?ver=2.13.3.1606881660	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/styles/common-css/responsive.css?ver=2.13.3	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/style.css?ver=2.13.3	Phishing
2022-11-26	medium	qcleanservices.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/scripts/superfish-menu/js/superfish.combined.js?ver=1.7.2	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/custom_params.js?ver=3.1.6	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/scripts/script.js?ver=1.0	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/scripts/responsive/selectnav/selectnav.min.js?ver=0.1	Phishing
2022-11-26	medium	qcleanservices.com/wp-includes/js/comment-reply.min.js?ver=6.1	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/styles/style1/css/text.css?ver=1.0	Phishing
2022-11-26	medium	qcleanservices.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Phishing
2022-11-26	medium	qcleanservices.com/wp-content/themes/u-design/styles/common-css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	qcleanservices.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-18
Pretty URL qcleanservices.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-18 13:42:00 Times Seen31778 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	qcleanservices.com/work-estimate/	182 B	2023-03-07	2024-04-18
Pretty URL qcleanservices.com/work-estimate/ IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:35:42 Last Seen2024-04-18 11:28:03 Times Seen46 Hash 377c69e11755e4782ff4aa615843f347 f2a331da594b5c1ef160a3b9d5098ef98f15ca7a 99af3df346b9baa9840d58c7345ebb5b4da6d0c2f9ac07926ae0ad3c5416bc80 Loading...

	qcleanservices.com/work-estimate/	182 B	2023-03-07	2024-04-18
Pretty URL qcleanservices.com/work-estimate/ IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:35:42 Last Seen2024-04-18 11:28:03 Times Seen49 Hash 2a7a775acf1c6147bfbd55eedb8b2d9e 7e8bbf46a0780a12104f3e1e90373555b8684f74 2b407d670b2e80ec568d4d19354406df8065e0a2965fbf399487551d82a8d322 Loading...

	qcleanservices.com/wp-content/themes/u-design/scripts/responsive/selectnav/selectnav.min.js?ver=0.1	1.7 kB	2023-03-07	2024-02-27
Pretty URL qcleanservices.com/wp-content/themes/u-design/scripts/responsive/selectnav/selectnav.min.js?ver=0.1 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:48 Last Seen2024-02-27 21:17:50 Times Seen81 Hash b89594da7c557f031221a82824737fa3 d1670914738cfce54b689522ec7128583b4b589c 3a49b5b0707ed5ce3f87a37630497bc356224c3b8fd803ea61391d1ae37501d1 Loading...

	logicalwebsites.com/mforms2/js/jquery.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL logicalwebsites.com/mforms2/js/jquery.min.js IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 04:05:16 Times Seen60662 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	logicalwebsites.com/mforms2/js/jquery-ui-1.12/effect.js	41 kB	2023-03-07	2023-07-04
Pretty URL logicalwebsites.com/mforms2/js/jquery-ui-1.12/effect.js IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:03:28 Last Seen2023-07-04 12:08:17 Times Seen3 Hash 9d3ac0a26061cb0d6979ff7b27feb281 6ab8a3a530e3e81c0c1cbf83f66ecde277b4a202 01a98d8f1c110708e03c959cab5ed0bfae07cb4c6fbde366ddddac1ca71eee4b Loading...

	logicalwebsites.com/mforms2/js/jquery.ba-postmessage.min.js	1.1 kB	2023-03-07	2023-07-04
Pretty URL logicalwebsites.com/mforms2/js/jquery.ba-postmessage.min.js IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:03:28 Last Seen2023-07-04 12:08:16 Times Seen2 Hash 201be9e35632f2d244fb742ae305c339 7d49e64639b9c11b95c84ba3737048af8863009c 78566e80a0e176a1e87ec61ed2c4f82bbed1d070e3527c88517f96be109dbf92 Loading...

	qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/custom_params.js?ver=3.1.6	8.6 kB	2023-03-11	2024-01-23
Pretty URL qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/custom_params.js?ver=3.1.6 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:23:49 Last Seen2024-01-23 13:49:24 Times Seen16 Hash d74f1c3043eee148c4648bac862f0808 f17c7d6af7aaee5f52c44b00dc05f9e9ad50e351 33db4f60ff15505e55dd66b114a9d579477fe95ac1b71ee1c74927f167b2a795 Loading...

	qcleanservices.com/wp-content/themes/u-design/scripts/script.js?ver=1.0	13 kB	2023-03-08	2024-01-23
Pretty URL qcleanservices.com/wp-content/themes/u-design/scripts/script.js?ver=1.0 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:14:15 Last Seen2024-01-23 13:49:24 Times Seen10 Hash 2b2cee7ca707e19f35d96f93323c08ee 0a944fb1a03fdc0e01bfc6d7eef662c17ea53077 4f1e84b2cc4db8000763595516f07c5dbcc1fe3b9a732152aa286265a8203966 Loading...

	qcleanservices.com/work-estimate/	95 B	2023-03-07	2024-04-18
Pretty URL qcleanservices.com/work-estimate/ IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:35:42 Last Seen2024-04-18 11:28:03 Times Seen40 Hash ec2836350b2f6e6472a77c71d7944c65 995675ca2254b1dfd6e35b23dffb16d416e2deb5 6b08305f1581f20daa48e4810485a76afc618a75b0128bc8e19eb17cac4a5996 Loading...

	qcleanservices.com/wp-includes/js/comment-reply.min.js?ver=6.1	3.0 kB	2023-03-07	2024-04-18
Pretty URL qcleanservices.com/wp-includes/js/comment-reply.min.js?ver=6.1 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-18 21:17:07 Times Seen29162 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	www.google-analytics.com/ga.js	46 kB	2023-03-07	2024-04-16
Pretty URL www.google-analytics.com/ga.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:00 Last Seen2024-04-16 23:24:27 Times Seen3495 Hash e9372f0ebbcf71f851e3d321ef2a8e5a 2c7d19d1af7d97085c977d1b69dcb8b84483d87c 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Loading...

	qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6	22 kB	2023-03-07	2024-04-18
Pretty URL qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:35:42 Last Seen2024-04-18 11:28:03 Times Seen484 Hash 3fc4b0fbed85ee642309ca1e9dfcd6fc d73f45229d0fb7bb5669a7b1948aabbcc7732337 3aa615cb3a824d574c0ec4df5dc107d21d25cbf6a676383c183512802ced0466 Loading...

	qcleanservices.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1	19 kB	2023-03-07	2024-04-18
Pretty URL qcleanservices.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 13:32:29 Times Seen37992 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	qcleanservices.com/wp-content/themes/u-design/scripts/superfish-menu/js/superfish.combined.js?ver=1.7.2	6.7 kB	2023-03-07	2024-04-18
Pretty URL qcleanservices.com/wp-content/themes/u-design/scripts/superfish-menu/js/superfish.combined.js?ver=1.7.2 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:09:50 Last Seen2024-04-18 11:28:03 Times Seen97 Hash 3b1c5753c3accb46e66316a73bea58e6 3138804beea8d2b97dd5a11749ada34a4ec11ef2 b46048631e82a287b6f62cf1408c6018abf3aa29a1d1e4cc26d21f728fa1368f Loading...

	logicalwebsites.com/mforms2/embed.php?id=54	110 B	2023-03-07	2023-03-11
Pretty URL logicalwebsites.com/mforms2/embed.php?id=54 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:03:28 Last Seen2023-03-11 20:23:49 Times Seen1 Hash 64149ec6bde016331f76cd2d6d59d453 e5ef18a0600ca0c3be2747f4e1e98452310d3941 d296e2abd621c7b3e971cb6dd96bce027a0a0539ec4ef798952fadfa2077c1fd Loading...

	qcleanservices.com/work-estimate/	2.1 kB	2023-03-11	2023-03-11
Pretty URL qcleanservices.com/work-estimate/ IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:23:49 Last Seen2023-03-11 23:32:10 Times Seen1 Hash c3494c8c4bc432a7011f056da335ea23 861ac1ea5ba163b87d97c7267976d38f86777c48 ece11e279d25a876b0f909ebf9cc1f9dec4812e87c1b8397ecc2ffc425023fb2 Loading...

	qcleanservices.com/wp-content/themes/u-design/scripts/responsive/selectnav/selectnav-options.js?ver=0.1	162 B	2023-03-07	2024-04-18
Pretty URL qcleanservices.com/wp-content/themes/u-design/scripts/responsive/selectnav/selectnav-options.js?ver=0.1 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:35:42 Last Seen2024-04-18 11:28:03 Times Seen65 Hash 17613e88e90e44bd3373422bcc5d5b26 aa7fd75de85627517d6f863291d3dbf9c4947c9f d7482def0593e9ebd4e82f7330a11aedaaf847bcb3f0c97e632a0f663c0db0da Loading...

	logicalwebsites.com/mforms2/view.js	22 kB	2023-03-11	2023-03-11
Pretty URL logicalwebsites.com/mforms2/view.js IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:23:49 Last Seen2023-03-11 20:23:49 Times Seen1 Hash 1e0d8766f5720f77cb82f782b36ef03e 152a4d587d7093ae8ba89d671a6d6c827da58da2 0362c49de76cc3b0bf9411b3c504d3445933514229ab8828759d4e6bce4fd3e3 Loading...

	logicalwebsites.com/google_analytics_auto.js	430 B	2023-03-11	2023-03-11
Pretty URL logicalwebsites.com/google_analytics_auto.js IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:23:49 Last Seen2023-03-11 20:23:49 Times Seen1 Hash c4020f460c5be3d368128c1ea4f25767 b145c07bd68797566780cd6a1b7c10e1b4c31b86 b519c65f3b7bfafb5248a2105851bfe2b5901a3107a11368149b0f863b5b9a65 Loading...

	qcleanservices.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL qcleanservices.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 192.185.111.23 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 01:16:23 Times Seen68487 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

HTTP Transactions (63)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11312
Expires: Sat, 26 Nov 2022 05:21:29 GMT
Date: Sat, 26 Nov 2022 02:12:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13692
Expires: Sat, 26 Nov 2022 06:01:09 GMT
Date: Sat, 26 Nov 2022 02:12:57 GMT
Connection: keep-alive

qcleanservices.com/work-estimate

192.185.111.23

301 Moved Permanently

0 B

URL HTTP/1.1
qcleanservices.com/work-estimate
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /work-estimate HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 02:12:56 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://qcleanservices.com/work-estimate/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4038
Cache-Control: max-age=120335
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:12:57 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:38:32 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 0gfY4SQ5e3IkGkqO3haHNCtasPX86YRj5NHQyqPAupaYb5ZwzoVXJv6dM+hGheKb/P7q825MTl4=
x-amz-request-id: S1Z2M68ZM7KRHYRJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 01:41:01 GMT
age: 1916
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 01:19:10 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3227
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 02:12:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

qcleanservices.com/work-estimate/

192.185.111.23

200 OK

6.7 kB

URL HTTP/1.1
qcleanservices.com/work-estimate/
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
6.7 kB (6729 bytes)
Hash
ddac8215cc5c3ad04e4e1c3e2a6a3bc8
41fa3d43e180fb421c56e3b0411d87092b8d3f11
4095fdd8b2db8f4da5148f6145267e3665552129d2ac3da08456d36ddb873095

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /work-estimate/ HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Link: <https://qcleanservices.com/wp-json/>; rel="https://api.w.org/", <https://qcleanservices.com/wp-json/wp/v2/pages/23>; rel="alternate"; type="application/json", <https://qcleanservices.com/?p=23>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6729
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

fonts.googleapis.com/css?family=Montserrat%3Aregular&subset=latin

142.250.74.10

200 OK

499 B

URL HTTP/1.1
fonts.googleapis.com/css?family=Montserrat%3Aregular&subset=latin
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
499 B (499 bytes)
Hash
dc748e30c9b9ac486bd60a4aeff7bccd
bc0c3d81a2ddae7683344a0eba7fbe1921c01ffb
63fa5c13af9a7dd92bc58c92a67a8ac0845b1c035052e37195a59d89b48fc943

HTTP Headers

GET /css?family=Montserrat%3Aregular&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 26 Nov 2022 02:12:57 GMT
Date: Sat, 26 Nov 2022 02:12:57 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 02:08:53 GMT
cache-control: public,max-age=3600
age: 244
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

qcleanservices.com/wp-includes/css/classic-themes.min.css?ver=1

192.185.111.23

200 OK

189 B

URL HTTP/1.1
qcleanservices.com/wp-includes/css/classic-themes.min.css?ver=1
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 02:31:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 189
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

qcleanservices.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1

192.185.111.23

200 OK

18 kB

URL HTTP/1.1
qcleanservices.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (47826)
Size
18 kB (17648 bytes)
Hash
ce0e5ecadb8556e34e8d0f0592d2a2c3
51f1555f20e4f6b175956c418043ded76723b319
47e01f663f19f36c4210924f522c89aebeefff2514281acae0d2682c73b3a86e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 02:31:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5889
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 02:12:57 GMT
Last-Modified: Sat, 26 Nov 2022 00:34:49 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

qcleanservices.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70

192.185.111.23

200 OK

239 B

URL HTTP/1.1
qcleanservices.com/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
239 B (239 bytes)
Hash
21fec527969cbcfec759744ce51f94c0
827130fb99b0005a5206028abfe82e93610184f2
fe2a280a5ffe9f5d3b1bf125035d478e46bae689a2f0cde07d48bef1ba7c74b1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 27 Jul 2021 16:05:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 239
Keep-Alive: timeout=5, max=75
Content-Type: text/css

qcleanservices.com/wp-content/themes/u-design/styles/common-css/reset.css?ver=1.0

192.185.111.23

200 OK

566 B

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/common-css/reset.css?ver=1.0
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
566 B (566 bytes)
Hash
ca171b3c6ed39369781b77a66fdd641b
e5add0a1df54163d67c54d3bd577c4b5a6871693
e08a05d3392ece5426a1c7462375f087e79eba76b0cbcd06f1fd9d7be5de88e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/styles/common-css/reset.css?ver=1.0 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 03 Aug 2017 21:57:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 566
Keep-Alive: timeout=5, max=75
Content-Type: text/css

qcleanservices.com/wp-content/themes/u-design/scripts/superfish-menu/css/superfish.css?ver=1.7.2

192.185.111.23

200 OK

1.3 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/scripts/superfish-menu/css/superfish.css?ver=1.7.2
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.3 kB (1298 bytes)
Hash
005f50c1eafb98ad49175c1b3080d81b
f2978e9c8e4428d8294c305483df450300a5f921
c96b235fd9f4612591281f69f58973aa3ce55dcf52fb46e2c7836668c33e3aa3

HTTP Headers

GET /wp-content/themes/u-design/scripts/superfish-menu/css/superfish.css?ver=1.7.2 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1298
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css

qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/css/prettyPhoto.css?ver=3.1.6

192.185.111.23

200 OK

3.9 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/css/prettyPhoto.css?ver=3.1.6
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (402)
Size
3.9 kB (3901 bytes)
Hash
f1cb42741ab71d612b92bd9a6ab219ff
32b6114b91077cb86fb3574b7c3febd442370b32
662250240c0c1b423964e0d662e88d2201a080edb94b4ac64ca56e6b279db828

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/scripts/prettyPhoto/css/prettyPhoto.css?ver=3.1.6 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 03 Aug 2017 21:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3901
Keep-Alive: timeout=5, max=75
Content-Type: text/css

qcleanservices.com/wp-content/themes/u-design/styles/common-css/font-awesome/css/font-awesome.min.css?ver=2.13.3

192.185.111.23

200 OK

7.1 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/common-css/font-awesome/css/font-awesome.min.css?ver=2.13.3
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7114 bytes)
Hash
82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069

HTTP Headers

GET /wp-content/themes/u-design/styles/common-css/font-awesome/css/font-awesome.min.css?ver=2.13.3 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 03 Aug 2017 21:57:30 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7114
Keep-Alive: timeout=5, max=75
Content-Type: text/css

qcleanservices.com/wp-content/themes/u-design/styles/style1/css/style.css?ver=2.13.3

192.185.111.23

200 OK

24 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/style1/css/style.css?ver=2.13.3
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
24 kB (23846 bytes)
Hash
48b85a330ffda3abd8822c412ca2f960
8a54145f3f8130d15dc7dd9d4d1bc980b5f52ac1
cb48f998cd9d170df01ff5a8530dea8e46a06c6deb0b1766dbbe1cb1719707bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/styles/style1/css/style.css?ver=2.13.3 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css

qcleanservices.com/wp-content/themes/u-design/styles/custom/custom_style.css?ver=2.13.3.1606881660

192.185.111.23

200 OK

2.5 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/custom/custom_style.css?ver=2.13.3.1606881660
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
2.5 kB (2518 bytes)
Hash
e9e707ba955794679b22c82070e9a3b3
20c4f0f60ed65d0e0dfcf13215f7b8b8daaeb4ec
019ae4d5765ec8362a315d8f0fc3bb9eabd487f8ecedcac2942bbe9c84f950ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/styles/custom/custom_style.css?ver=2.13.3.1606881660 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 04:01:00 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2518
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

qcleanservices.com/wp-content/themes/u-design/styles/common-css/responsive.css?ver=2.13.3

192.185.111.23

200 OK

11 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/common-css/responsive.css?ver=2.13.3
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
11 kB (11092 bytes)
Hash
07d6170ff94b172ab2a07234f89c1cd3
ad3b0943a61f97caf3bb0a98b59a87c0fe130e65
e81d3dfb5892059fec34328605b8adf55bb76c57724300b9aa9ca0a2a1382e61

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/styles/common-css/responsive.css?ver=2.13.3 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11092
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

qcleanservices.com/wp-content/themes/u-design/style.css?ver=2.13.3

192.185.111.23

200 OK

881 B

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/style.css?ver=2.13.3
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (649), with CRLF line terminators
Size
881 B (881 bytes)
Hash
59705fbe1d24d1c1ca17960a0849fdc1
4701ca4411c630a101705ef49b0ed6ee23f991eb
16a239f49c28217ed2456b6b4eb41f95a4d7c347cf49f851ccdeedf6c795db0f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/style.css?ver=2.13.3 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:18 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 881
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css

qcleanservices.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

192.185.111.23

200 OK

4.6 kB

URL HTTP/1.1
qcleanservices.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4618 bytes)
Hash
acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Thu, 19 Nov 2020 09:31:13 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4618
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript

qcleanservices.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1

192.185.111.23

200 OK

5.3 kB

URL HTTP/1.1
qcleanservices.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15660)
Size
5.3 kB (5321 bytes)
Hash
710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Wed, 27 Jul 2022 04:14:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5321
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83d93e073c818e158e63014349e5e5cc
a2010d49ebfd113ada376b9547e48b6dd98d1e76
1a6ec0f3f6149d0031da73f527ba7556f77eca00eca64191a72c9517de2daa63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A6EC0F3F6149D0031DA73F527BA7556F77ECA00ECA64191A72C9517DE2DAA63"
Last-Modified: Thu, 24 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Sat, 26 Nov 2022 08:12:29 GMT
Date: Sat, 26 Nov 2022 02:12:57 GMT
Connection: keep-alive

qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6

192.185.111.23

200 OK

7.5 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (21225)
Size
7.5 kB (7456 bytes)
Hash
a65f869a598d2a2738e50d80e878576c
690ea23c74def22c7d00eac8eac4f7f41a63c0ec
13d955d1d066967dd24b3f686fd213d584975a11aa1338de870aaccf1eb393ac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/scripts/prettyPhoto/js/jquery.prettyPhoto.js?ver=3.1.6 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7456
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript

qcleanservices.com/wp-content/themes/u-design/scripts/superfish-menu/js/superfish.combined.js?ver=1.7.2

192.185.111.23

200 OK

2.9 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/scripts/superfish-menu/js/superfish.combined.js?ver=1.7.2
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (3922)
Size
2.9 kB (2935 bytes)
Hash
3215a45d628e34d84651ae43870852e2
bb6353dfd52e943fc786387bf8d07613caabd279
a82ee40dbb520f6e75521b3bc5e8b0d94e00702cf8801d83139823b0eaccf211

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/scripts/superfish-menu/js/superfish.combined.js?ver=1.7.2 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2935
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript

qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/custom_params.js?ver=3.1.6

192.185.111.23

200 OK

2.2 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/scripts/prettyPhoto/custom_params.js?ver=3.1.6
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (634), with CRLF line terminators
Size
2.2 kB (2241 bytes)
Hash
91ccb86ed696b79a4b22cb727d8e29b7
e19ce43649d2eea1e4fceee3b562854c8f9ab386
c6c6a17cc7cccacfd051326f10368113bb6ff95e68afac7c3ec0a921858dbe7d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/scripts/prettyPhoto/custom_params.js?ver=3.1.6 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2241
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript

push.services.mozilla.com/

35.86.38.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.86.38.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: n+v8lbPx+k4zXLi37YqmMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cmj1QLCNTr8sQmbr2TVm7n8GQw4=

qcleanservices.com/wp-content/themes/u-design/scripts/script.js?ver=1.0

192.185.111.23

200 OK

4.8 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/scripts/script.js?ver=1.0
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with CRLF line terminators
Size
4.8 kB (4793 bytes)
Hash
822c95bc1a2f63f6d02010d0a7a51a76
3d59da1bc651fcfcea8037a87c6328ab0f6861a7
36a109354eb8f3803e297aab25440e090da7409b8d8500414a39056b925e29ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/scripts/script.js?ver=1.0 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4793
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript

qcleanservices.com/wp-content/themes/u-design/scripts/responsive/selectnav/selectnav.min.js?ver=0.1

192.185.111.23

200 OK

897 B

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/scripts/responsive/selectnav/selectnav.min.js?ver=0.1
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (1593)
Size
897 B (897 bytes)
Hash
3831b35d2fae09546af324547cbebd70
d1f0937c4a219e31caf4a69e4bb52510c7721d00
37247d5787588caf93bde783d485a8ee9c2110569d1a976dd3db7819b868e34f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/scripts/responsive/selectnav/selectnav.min.js?ver=0.1 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 897
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript

qcleanservices.com/wp-content/themes/u-design/scripts/responsive/selectnav/selectnav-options.js?ver=0.1

192.185.111.23

200 OK

133 B

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/scripts/responsive/selectnav/selectnav-options.js?ver=0.1
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
133 B (133 bytes)
Hash
96d2a7028720dd093bdfe4eb83e6d8b9
1dbb87776e7cbbad153a10b4775d9874f48076dc
1fc91d4b8497f091af5523b3fcc08342182dd219137b2ff292cd94157edf1350

HTTP Headers

GET /wp-content/themes/u-design/scripts/responsive/selectnav/selectnav-options.js?ver=0.1 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 133
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript

qcleanservices.com/wp-includes/js/comment-reply.min.js?ver=6.1

192.185.111.23

200 OK

1.5 kB

URL HTTP/1.1
qcleanservices.com/wp-includes/js/comment-reply.min.js?ver=6.1
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (2946)
Size
1.5 kB (1477 bytes)
Hash
92712acce6ce836d0a929b1800b4f9d6
8157d1380bb1d6dadfd85565dd464bb5b0ed06bd
2f82d181a2cadadf7d898d7f5ea2eb527106fb6413044b55fbfa4fb0081a2e09

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.1 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Last-Modified: Wed, 27 Jul 2022 04:14:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1477
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: application/javascript

qcleanservices.com/wp-content/themes/u-design/styles/style1/css/text.css?ver=1.0

192.185.111.23

200 OK

671 B

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/style1/css/text.css?ver=1.0
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
671 B (671 bytes)
Hash
58589a5347fd31a5db36a05cd696c05b
4c3c38794a5f643afb5b63b7e673f2ddf2359eed
2ffaeb535a6f053fc74e48f9714a6ca8d8f46eb2a0f5d6148e6cdcb919204a39

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/styles/style1/css/text.css?ver=1.0 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:26 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 671
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css

qcleanservices.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

192.185.111.23

200 OK

39 kB

URL HTTP/1.1
qcleanservices.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65447)
Size
39 kB (39153 bytes)
Hash
32f58a61f7c5a7e10f8b2dcf8e9a8e34
865c25589283ab1debd45bdfa6c4d8c6ecf15ad3
481cb2216fbdb0797af8c61b69c0bda2c10d025f7b11f2cdfac382d35dc45d63

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:57 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 02:31:39 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

qcleanservices.com/wp-content/themes/u-design/styles/common-css/960.css?ver=1.0

192.185.111.23

200 OK

1.3 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/common-css/960.css?ver=1.0
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
1.3 kB (1345 bytes)
Hash
db80bd090dd1dcee6b691a44a3282d7a
377dfb2d8659afeb72f325e11afe73908c19e36a
b4f5fe24a7614c23cd170055312627a33e19a4718babfe78e078b2d71448c907

HTTP Headers

GET /wp-content/themes/u-design/styles/common-css/960.css?ver=1.0 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1345
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css

fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

216.58.207.195

200 OK

13 kB

URL HTTP/1.1
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size
13 kB (12708 bytes)
Hash
b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

HTTP Headers

GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://qcleanservices.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 12708
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 16:09:29 GMT
Expires: Sat, 25 Nov 2023 16:09:29 GMT
Cache-Control: public, max-age=31536000
Age: 36209
Last-Modified: Mon, 11 Jul 2022 18:55:59 GMT
Content-Type: font/woff2

qcleanservices.com/wp-content/uploads/2016/04/qclean-400x150.png

192.185.111.23

200 OK

41 kB

URL HTTP/2
qcleanservices.com/wp-content/uploads/2016/04/qclean-400x150.png
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 400 x 150, 8-bit/color RGB, non-interlaced\012- data
Size
41 kB (40839 bytes)
Hash
21b360dcdc257320c66bc2453d841fd9
2818388fcf234a616e38ed24820954bb227dae3d
f1daf5d9ddbddf12a69f832d9d9819eb20b7e7b3be65372a49cf9127400f0d42

HTTP Headers

GET /wp-content/uploads/2016/04/qclean-400x150.png HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://qcleanservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 22 Apr 2016 13:39:50 GMT
accept-ranges: bytes
content-length: 40839
content-type: image/png
date: Sat, 26 Nov 2022 02:12:58 GMT
server: Apache
X-Firefox-Spdy: h2

qcleanservices.com/wp-content/themes/u-design/styles/style1/images/heading_underline.png

192.185.111.23

200 OK

101 B

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/style1/images/heading_underline.png
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 1 x 2, 1-bit colormap, non-interlaced\012- data
Size
101 B (101 bytes)
Hash
95705e778370c94d547be964419a97b7
4da9a69cf1d0733ea7081ef1ce6f0e17780af5ab
26ad5e6a1f3ba0c50854f7bd26263456de59c54aa7c182db960d13a081a3e64e

HTTP Headers

GET /wp-content/themes/u-design/styles/style1/images/heading_underline.png HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/wp-content/themes/u-design/styles/style1/css/style.css?ver=2.13.3

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:26 GMT
Accept-Ranges: bytes
Content-Length: 101
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png

qcleanservices.com/wp-content/themes/u-design/styles/common-images/main-menu-btm-border.png

192.185.111.23

200 OK

101 B

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/common-images/main-menu-btm-border.png
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 5 x 2, 1-bit colormap, non-interlaced\012- data
Size
101 B (101 bytes)
Hash
a9845af11738b95171776b3c87658419
d2dcf75d6456274006f13a7ec314ce19c2fa44f1
532d807812fb9f9a84e3dd49c8b4e4248d010e78026a9a2c23fd1bfc10d7d0ab

HTTP Headers

GET /wp-content/themes/u-design/styles/common-images/main-menu-btm-border.png HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/wp-content/themes/u-design/styles/style1/css/style.css?ver=2.13.3

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:22 GMT
Accept-Ranges: bytes
Content-Length: 101
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: image/png

qcleanservices.com/wp-content/themes/u-design/styles/common-images/home-page-content-top.png

192.185.111.23

200 OK

107 B

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/common-images/home-page-content-top.png
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 3 x 3, 2-bit colormap, non-interlaced\012- data
Size
107 B (107 bytes)
Hash
16b798e07e890b63893929f9d2cda2aa
e78149d13476635b24de2037edf0633109129acd
99772201d33535841b3622ab907f0b27d1ffc1feced0c5fb383f65a6dce8bd78

HTTP Headers

GET /wp-content/themes/u-design/styles/common-images/home-page-content-top.png HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/wp-content/themes/u-design/styles/custom/custom_style.css?ver=2.13.3.1606881660

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:22 GMT
Accept-Ranges: bytes
Content-Length: 107
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/png

qcleanservices.com/wp-content/themes/u-design/styles/common-css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

192.185.111.23

200 OK

77 kB

URL HTTP/1.1
qcleanservices.com/wp-content/themes/u-design/styles/common-css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/u-design/styles/common-css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://qcleanservices.com/wp-content/themes/u-design/styles/common-css/font-awesome/css/font-awesome.min.css?ver=2.13.3

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Last-Modified: Thu, 03 Aug 2017 21:57:30 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: font/woff2

qcleanservices.com/favicon.ico

192.185.111.23

302 Found

0 B

URL HTTP/1.1
qcleanservices.com/favicon.ico
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/work-estimate/

HTTP/1.1 302 Found
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Link: <https://qcleanservices.com/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: http://qcleanservices.com/wp-includes/images/w-logo-blue-white-bg.png
Content-Length: 0
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

qcleanservices.com/wp-includes/images/w-logo-blue-white-bg.png

192.185.111.23

200 OK

4.1 kB

URL HTTP/1.1
qcleanservices.com/wp-includes/images/w-logo-blue-white-bg.png
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: qcleanservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://qcleanservices.com/work-estimate/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Last-Modified: Thu, 21 May 2020 09:10:12 GMT
Accept-Ranges: bytes
Content-Length: 4119
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/png

logicalwebsites.com/mforms2/embed.php?id=54

192.185.111.23

200 OK

1.8 kB

URL HTTP/1.1
logicalwebsites.com/mforms2/embed.php?id=54
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.8 kB (1829 bytes)
Hash
539b996e8ffb1b8127c441fc34498244
9ddc7493cb1dcbc92ec5bea0fc2412923dd4dc8e
35e0ba1e6b2b3829a831f128f192697d4b4cb73ee0f238b8d403777269ae31b9

HTTP Headers

GET /mforms2/embed.php?id=54 HTTP/1.1
Host: logicalwebsites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://qcleanservices.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:58 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=38a0a83b2fe602c45c59b68c064e3853; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1829
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Sat, 26 Nov 2022 03:21:00 GMT
Date: Sat, 26 Nov 2022 02:12:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Sat, 26 Nov 2022 03:21:00 GMT
Date: Sat, 26 Nov 2022 02:12:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11186 bytes)
Hash
2f470fab0957e148a9c58dfeedc72463
2f88534696701cfdaf7e2aa78f6d4b8766a2b77f
c2c5617f8fbf3860578a9bcf821dea13e3225ccd02774f29f4bf022e4abd9ff9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b25450-4da4-45fe-97c4-620a26a2ac8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11186
x-amzn-requestid: 67dbfbd2-ba7f-4540-8d2c-5c2c4de21cae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUf7HGdIAMFhow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813465-36b0d8fc4bdb5faf328bd99d;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:21 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vFbudY9zvK4DwTVXff4-nDPTFtYqktJb4n9wrLx4zL4nsz_bc6U4qA==
via: 1.1 7b00c3fd9220034414107b03e53b1b8e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:03:28 GMT
age: 14971
etag: "2f88534696701cfdaf7e2aa78f6d4b8766a2b77f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4366 bytes)
Hash
abd79421a3c44a8df11ad2cc50083309
8665e5f3026f2c2b9505eb139c478f4d359851c3
3a66b00498fa1322730705b1c4502614b5a520ac3f884f494d65e27a5bb62c3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4366
x-amzn-requestid: ce25f5ab-0c92-431e-ae4e-618829594a74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVNZFjHoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813588-6a3a8dff70e717011e3a0606;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CkXSlYXZ0DFVjVSVin4Km3_9nETFtQ8Qf6f2V5kjuwoCejVH3Qk0Qg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:47:48 GMT
age: 15911
etag: "8665e5f3026f2c2b9505eb139c478f4d359851c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8078 bytes)
Hash
70fae9ac56bb7676177d4252757f0180
bd3027af47f20f4bb9ac36cd9e4493e28e6b041c
1378749f1b28b6c56b8e76418fc5dd59cf608a4e64c1e1067b4f19df10233afc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7c216e6-fb54-4285-8656-a1e15990a37a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8078
x-amzn-requestid: e199b062-09f2-46b8-a8ee-6d7b782f7359
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVC7GT2oAMF5XA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813545-485ea8fd3e785be748834efd;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yJdSAEHw1AFVsBFBSX5G6rqED3Kpi_P69vtTrVVE1vFDtl3XMsyJ4g==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:31:51 GMT
age: 13268
etag: "bd3027af47f20f4bb9ac36cd9e4493e28e6b041c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9049 bytes)
Hash
c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: utbUF-6Z7rMqPNdRKHJyI-IZoyTy6HpkNBY-60xcZ-6NDXBz1XN6-Q==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:40 GMT
age: 15859
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Sat, 26 Nov 2022 03:21:00 GMT
Date: Sat, 26 Nov 2022 02:12:59 GMT
Connection: keep-alive

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3502 bytes)
Hash
a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 06:35:07 GMT
age: 70672
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Sat, 26 Nov 2022 03:21:00 GMT
Date: Sat, 26 Nov 2022 02:12:59 GMT
Connection: keep-alive

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 77655
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

logicalwebsites.com/mforms2/data/form_54/css/view.css

192.185.111.23

200 OK

13 kB

URL HTTP/1.1
logicalwebsites.com/mforms2/data/form_54/css/view.css
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF, LF line terminators
Size
13 kB (12938 bytes)
Hash
b8d89dc6dbb9280d1c962a05e9ce41fa
6b627f570ca29d768120097b07fd1ef24e723c69
3ce88c832b7282fc8d96f56f345e7a81b57b9368076e1e755359624c00304d98

HTTP Headers

GET /mforms2/data/form_54/css/view.css HTTP/1.1
Host: logicalwebsites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://logicalwebsites.com/mforms2/embed.php?id=54

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:59 GMT
Server: Apache
Last-Modified: Wed, 31 Oct 2018 20:05:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12938
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css

logicalwebsites.com/mforms2/view.mobile.css

192.185.111.23

200 OK

2.2 kB

URL HTTP/1.1
logicalwebsites.com/mforms2/view.mobile.css
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
2.2 kB (2168 bytes)
Hash
37a57ce2642d5d46b6b4f7a85aa0122a
25f5d7c5e21e55690d3349845a8ad05ca12aa6a6
ea54bd7ad7947cd788ad2ebd09ffb61d6cd1339918eeb6e2dc9c4a71cabb2c21

HTTP Headers

GET /mforms2/view.mobile.css HTTP/1.1
Host: logicalwebsites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://logicalwebsites.com/mforms2/embed.php?id=54

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 15 Sep 2018 20:16:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2168
Keep-Alive: timeout=5, max=75
Content-Type: text/css

logicalwebsites.com/mforms2/js/jquery.ba-postmessage.min.js

192.185.111.23

200 OK

654 B

URL HTTP/1.1
logicalwebsites.com/mforms2/js/jquery.ba-postmessage.min.js
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (816)
Size
654 B (654 bytes)
Hash
886f4100e311e1c0e8e0b5f2de34ccfa
52ecde4b6cc4c64dbfea4f1468c3f16cf7832dff
3ef62705b76cf39686f483d7bf3ff352de4bcd82612649685ac6874e8f4e50f6

HTTP Headers

GET /mforms2/js/jquery.ba-postmessage.min.js HTTP/1.1
Host: logicalwebsites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://logicalwebsites.com/mforms2/embed.php?id=54

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 15 Sep 2018 20:16:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 654
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript

logicalwebsites.com/mforms2/view.js

192.185.111.23

200 OK

7.2 kB

URL HTTP/1.1
logicalwebsites.com/mforms2/view.js
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
7.2 kB (7180 bytes)
Hash
241c014e013f59f0fe6c50f3a6329eda
f605814144e152e2fc1e432b6aa503fd6eff2897
711668a9b2f3d14ff022eb3c38f99a6972cb17f54eba8382186275f74c150374

HTTP Headers

GET /mforms2/view.js HTTP/1.1
Host: logicalwebsites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://logicalwebsites.com/mforms2/embed.php?id=54

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 15 Sep 2018 20:16:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7180
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript

logicalwebsites.com/google_analytics_auto.js

192.185.111.23

200 OK

299 B

URL HTTP/1.1
logicalwebsites.com/google_analytics_auto.js
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
299 B (299 bytes)
Hash
9ef0f52c467b2e499b23a52829defbcc
d0e647ffc004400c4b0baa51b24968100e5cfe9b
b8fdb98626dfe94c81220691964b14d31ae06c6de48ff2477002447bf90b7599

HTTP Headers

GET /google_analytics_auto.js HTTP/1.1
Host: logicalwebsites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://logicalwebsites.com/mforms2/embed.php?id=54

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:59 GMT
Server: Apache
Last-Modified: Wed, 10 Aug 2011 20:03:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 299
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript

logicalwebsites.com/mforms2/js/jquery.min.js

192.185.111.23

200 OK

38 kB

URL HTTP/1.1
logicalwebsites.com/mforms2/js/jquery.min.js
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32058)
Size
38 kB (38018 bytes)
Hash
158ed1f63711a0812b7c2b396cbaa6e7
1a6fe374f9c4963adc88db33dd128d324fceb9f2
811e8097bc41bb848b417ed7626ec9f8f8d8b682c664f8f2890ed4b57371e60b

HTTP Headers

GET /mforms2/js/jquery.min.js HTTP/1.1
Host: logicalwebsites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://logicalwebsites.com/mforms2/embed.php?id=54

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 15 Sep 2018 20:16:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript

logicalwebsites.com/mforms2/js/jquery-ui-1.12/effect.js

192.185.111.23

200 OK

14 kB

URL HTTP/1.1
logicalwebsites.com/mforms2/js/jquery-ui-1.12/effect.js
IP
192.185.111.23:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
14 kB (14543 bytes)
Hash
7924c64b4b98c18ba5865538e6d0fcd9
4dde20a438295de75461d9f9c52970c91eb0ed51
e1c1416e281696c03a89001d519be329c7fc1f162f89fd63188fa0222bcf9290

HTTP Headers

GET /mforms2/js/jquery-ui-1.12/effect.js HTTP/1.1
Host: logicalwebsites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://logicalwebsites.com/mforms2/embed.php?id=54

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 02:12:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sat, 15 Sep 2018 20:16:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14543
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript

www.google-analytics.com/ga.js

142.250.74.174

200 OK

17 kB

URL HTTP/1.1
www.google-analytics.com/ga.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1305)
Size
17 kB (17168 bytes)
Hash
01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d

HTTP Headers

GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://logicalwebsites.com/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sat, 26 Nov 2022 01:05:57 GMT
Expires: Sat, 26 Nov 2022 03:05:57 GMT
Cache-Control: public, max-age=7200
Age: 4022
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations