GET www.qai-amazon.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min28fc28fc.css?ver=3.23.3
104.21.16.116 200 OK 11 kB
URL
www.qai-amazon.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min28fc28fc.css?ver=3.23.3
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type ASCII text, with very long lines (11076)
First Seen 2024-08-06
Last Seen 2025-07-28
Times Seen 282
Size 11 kB (11120 bytes)
MD5 216c32f3990959583529768174c4b9e4
SHA1 cb7a9e23bbb20c79bf32bb635798bcca80072266
SHA256 913f6d5b0c7fd111d450761896a3b2bfab7dde8dcdacc7aeaa5b578616ad97de
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend-lite.min28fc28fc.css?ver=3.23.3 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:45 GMT
content-type: text/css
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-2b70"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XIrSkvo12WNVJPVE3v%2BeDW%2FhLAZbHKOVX9WMGPjHQxlNADH%2BBDRQjG%2BUi7U2KJpDaWDofW0ly5qZ%2F0KAXAOhjGjXqOkBXxZXSTstuT5NtLw%3D"}]}
cf-ray: 9621d9153c2456cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
104.21.16.116 200 OK 9.9 kB
URL
www.qai-amazon.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type ASCII text, with very long lines (9889)
First Seen 2024-08-05
Last Seen 2025-07-28
Times Seen 297
Size 9.9 kB (9929 bytes)
MD5 805d27475ef38c74e5e68d2befcc8e58
SHA1 43540b8ffc718b0ed90780561c13efabf033cb9f
SHA256 bbc96bd41ebaa607b767d15173a1651774c40613a3e0d21bb0c2b27bf57d51bf
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:45 GMT
content-type: text/css
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-26c9"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6OukwslDz0ylwR7OKdse2U3%2F2XOuChXmXq5FmIaWNBjJBHsYO%2FREAsSs5FOjGDEMBhwUMQGVEYBOGkAM7NvfRKqxukby8oTvNAdtUJj1f%2FI%3D"}]}
cf-ray: 9621d9154c4656cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/plugins/elementor/assets/js/webpack.runtime.mind5d5d5d5.js?ver=3.23.4
104.21.16.116 200 OK 5.0 kB
URL
www.qai-amazon.com/wp-content/plugins/elementor/assets/js/webpack.runtime.mind5d5d5d5.js?ver=3.23.4
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (4957)
First Seen 2024-08-05
Last Seen 2025-08-02
Times Seen 1402
Size 5.0 kB (4997 bytes)
MD5 65aed095bbea6c79aefa67ab240f55e6
SHA1 237a4e165dadfb8c7ccd5cf3653365a4f4fedcca
SHA256 612c7268d82895019e8b18ec61941fd00d0ada067dae8facb7b9c2bade385a4d
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.mind5d5d5d5.js?ver=3.23.4 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-1385"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wSgQLFG%2BXOw0enFUlZnLHueq02vZ343bZqHJTJ01HKMeBWQJGubtdUM6MygTcasgLfDFDNGCoDAxi9lTG2ifO1O0hyjpU6u9%2F%2BR9wZ5GEGc%3D"}]}
cf-ray: 9621d9155c5756cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/plugins/elementor/assets/js/frontend-modules.mind5d5d5d5.js?ver=3.23.4
104.21.16.116 200 OK 74 kB
URL
www.qai-amazon.com/wp-content/plugins/elementor/assets/js/frontend-modules.mind5d5d5d5.js?ver=3.23.4
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65496)
First Seen 2024-08-05
Last Seen 2025-08-02
Times Seen 1380
Size 74 kB (73568 bytes)
MD5 4f8bba8f628df726ea180cae2123cbce
SHA1 b0fcff669c228dd3c29ba046c8757570f137553c
SHA256 f4d7dcc49b91d63d4175cd0bcbf3547aa4ef1eeb2b5839d74bee58cb2775afde
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.mind5d5d5d5.js?ver=3.23.4 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-11f60"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=o4yX0comvsCcnQL4OgMJtjtHrOBznzHqAEjvl%2FFtgxs97SFohMUNbDP6ek9Hfx97%2FBnC3waqPSot4XEj0tugdQyCOs%2BK99qMPvM%2FOuQniQ0%3D"}]}
cf-ray: 9621d9156c6956cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/www.statcounter.com/counter/counter.js
104.21.16.116 404 Not Found 281 B
URL
www.qai-amazon.com/www.statcounter.com/counter/counter.js
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type HTML document, ASCII text
First Seen 2025-07-20
Last Seen 2025-07-20
Times Seen 1
Size 281 B (281 bytes)
MD5 e73128305c945e10a250ba392abbea95
SHA1 ebbcde60007524d71a1ab271411292c5eca91e7c
SHA256 d8f656cd4ccf0f172cf62c8529080fe83f8c59a447c949a703af0e84cfc45c7c
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /www.statcounter.com/counter/counter.js HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: text/html; charset=iso-8859-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZciKT6Yq8643wkg4knmGddSkAli9WwUx6u2YRg%2FGG0j5ZtM5icyPvpZ8v6ezm1jEmkWbOV%2FMmW7llrR6gf6rf6SLKWjZZj4q25wFWIegnfIXNvDtuvEogsn5e7lSr6PAsHGRE3s%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
content-encoding: br
cf-ray: 9621d91578af56ba-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2988&min_rtt=597&rtt_var=2547&sent=103&recv=129&lost=0&retrans=0&sent_bytes=13915&recv_bytes=9227&delivery_rate=529345&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=8221c7774f256aec&ts=608&inflight_dur=10&x=40"
GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.178.99 200 OK 8.0 kB
URL
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP / ASN
142.250.178.99
#15169 GOOGLE
Requested by https://www.qai-amazon.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0
First Seen 2023-04-05
Last Seen 2025-08-03
Times Seen 57758
Size 8.0 kB (8000 bytes)
MD5 72993dddf88a63e8f226656f7de88e57
SHA1 179f97ec0275f09603a8db94d4380eb584d81cd5
SHA256 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /s/poppins/v23/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.qai-amazon.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Jul 2025 21:38:17 GMT
expires: Thu, 16 Jul 2026 21:38:17 GMT
cache-control: public, max-age=31536000
age: 306209
last-modified: Wed, 23 Apr 2025 16:07:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/uploads/2024/10/aws_logo.png
104.21.16.116 200 OK 163 kB
URL
www.qai-amazon.com/wp-content/uploads/2024/10/aws_logo.png
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type PNG image data, 1229 x 732, 8-bit/color RGBA, non-interlaced
First Seen 2025-05-12
Last Seen 2025-07-20
Times Seen 2
Size 163 kB (163194 bytes)
MD5 e6f92a47e2428601e24250d442202927
SHA1 641ce1e48093de5509b17806ea0eab289ac8cd63
SHA256 cc6138c0247a2fa57a9a6cbba3b0f516e4b06ebe86516cca9c843e9f91f2e16e
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2024/10/aws_logo.png HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: image/png
content-length: 163194
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "6832042e-27d7a"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Tx2nyFi2BItD5FKZ9FcDdWDt3r3KWXd1r2dNQexd5FTNZRxR1ysD%2B%2FHQhnvMF9F4YIaLHR%2F1aw1xMR559Da5u89hWI2JQQyj2G1N2z6mv7U%3D"}]}
cf-ray: 9621d9154c4356cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/uploads/2024/10/aws_logo.png
104.21.16.116 200 OK 163 kB
URL
www.qai-amazon.com/wp-content/uploads/2024/10/aws_logo.png
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type PNG image data, 1229 x 732, 8-bit/color RGBA, non-interlaced
First Seen 2025-05-12
Last Seen 2025-07-20
Times Seen 2
Size 163 kB (163194 bytes)
MD5 e6f92a47e2428601e24250d442202927
SHA1 641ce1e48093de5509b17806ea0eab289ac8cd63
SHA256 cc6138c0247a2fa57a9a6cbba3b0f516e4b06ebe86516cca9c843e9f91f2e16e
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2024/10/aws_logo.png HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Cookie: _ga_PSXM8WDP11=GS2.1.s1753008106$o1$g0$t1753008106$j60$l0$h0; _ga=GA1.1.1393964757.1753008106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: image/png
content-length: 163194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nc2FPgNg3GmhAKrNzWX1zbeQ3uW4nHQ%2FT6vWF%2B9d1ZafgKgqQrdtoxoVIeWyNce9tpQ5e5mkvvnhplfxARwve4KiGyZ0BJEmbBnxaWHmilRVQHpSzyVbXLSsa5i3bBf0FWi7g5I%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: "6832042e-27d7a"
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 9621d91b490456ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=541&min_rtt=0&rtt_var=247&sent=616&recv=214&lost=2&retrans=2&sent_bytes=691318&recv_bytes=15349&delivery_rate=13271816&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=35692&unsent_bytes=0&cid=8221c7774f256aec&ts=1350&inflight_dur=150&x=40"
GET www.qai-amazon.com/wp-content/plugins/elementor/assets/css/frontend-lite.mind5d5d5d5.css?ver=3.23.4
104.21.16.116 200 OK 212 kB
URL
www.qai-amazon.com/wp-content/plugins/elementor/assets/css/frontend-lite.mind5d5d5d5.css?ver=3.23.4
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type ASCII text, with very long lines (65496)
First Seen 2024-08-05
Last Seen 2025-08-02
Times Seen 876
Size 212 kB (212120 bytes)
MD5 7375eb9ac771f2f8fe6377e8a67674c7
SHA1 e8387270c959bd9c17da70d09d730007cf63e368
SHA256 6f69140fa5c83536f52bcd3c902b44f35d9e9386d1575c6eb46b061893e3837d
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.mind5d5d5d5.css?ver=3.23.4 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: text/css
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-33c98"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=efoFmFGcnTvUrpev3v%2FwkzEJlzpEd3Q3Y0RwqDqITmwZW%2Bzkls1HNOIzXYSQ%2FRszbaQ%2FuqBlza6VtKqHyO6lXn7zYIzXCVx6ahCJlRI8lO4%3D"}]}
cf-ray: 9621d9152c1a56cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min94a494a4.css?ver=8.4.5
104.21.16.116 200 OK 16 kB
URL
www.qai-amazon.com/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min94a494a4.css?ver=8.4.5
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type ASCII text, with very long lines (16214)
First Seen 2023-04-05
Last Seen 2025-08-03
Times Seen 22969
Size 16 kB (16471 bytes)
MD5 a2431bc290cf34e330e11ec4cfce1247
SHA1 32a53342901fef5f4f4dbb26a555e730f84437a4
SHA256 c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min94a494a4.css?ver=8.4.5 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:45 GMT
content-type: text/css
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-4057"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=q1L8QqpZ%2FoniNbiUNc%2BO2sya9L7QCBL9YA0ivWhpWs3MchrnP1qIUzffrN%2Fn1wcL3GHK7TmauW6r5YCPjDx5cK5UZGqLDW0A1ZOAvozJg50%3D"}]}
cf-ray: 9621d9152c1b56cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min05da05da.js?ver=4.0.2
104.21.16.116 200 OK 12 kB
URL
www.qai-amazon.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min05da05da.js?ver=4.0.2
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (12198), with no line terminators
First Seen 2023-03-07
Last Seen 2025-08-03
Times Seen 28818
Size 12 kB (12198 bytes)
MD5 3819c3569da71daec283a75483735f7e
SHA1 ecd40a5cc6f0b76200c454ca880210dc301cfab8
SHA256 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min05da05da.js?ver=4.0.2 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lixmCPBLg8GUSKPGGsUQyHboMSpZZ%2Fh1Z%2BLvXNZloD%2BA9cofVUaueUxDDXHR5PScHmMsGh1ZWE3%2BgbWw9X9Ve6xQ0LC5xy4XlILD4ZjbgCDqMWsSolzpznYJy%2FAVuT%2FOF4JUtDU%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: W/"6832042e-2fa6"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
cf-ray: 9621d91578ab56ba-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2988&min_rtt=597&rtt_var=2547&sent=103&recv=129&lost=0&retrans=0&sent_bytes=13915&recv_bytes=9227&delivery_rate=529345&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=8221c7774f256aec&ts=606&inflight_dur=10&x=40"
GET www.qai-amazon.com/wp-content/plugins/elementor-pro/assets/js/frontend.min28fc28fc.js?ver=3.23.3
104.21.16.116 200 OK 25 kB
URL
www.qai-amazon.com/wp-content/plugins/elementor-pro/assets/js/frontend.min28fc28fc.js?ver=3.23.3
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (25006)
First Seen 2024-08-06
Last Seen 2025-08-02
Times Seen 936
Size 25 kB (25050 bytes)
MD5 a0a2f51765a92a636852b44bdfc07f6a
SHA1 bc4a0e02ecd149e738b87ab6756ac1558da1b21e
SHA256 c440a64d637fe748b3872cd160dc9aabb3d9e5f2c8010675d1b949c99e34beb4
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min28fc28fc.js?ver=3.23.3 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xsk8aD2SPzdEqE7hAnGVM%2FTxlTOGqaBaXwmAQW9b01F%2Frnu%2BA51GXUYYsj92qGZxNRG98NetLXgmraNeVu5nBqrryLoKsNf4NxJ5rEOInQRpOQWbyX5XDZ%2F3p0XqrSezKMndMsk%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: W/"6832042e-61da"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
cf-ray: 9621d91578aa56ba-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2988&min_rtt=597&rtt_var=2547&sent=100&recv=129&lost=0&retrans=0&sent_bytes=9715&recv_bytes=9227&delivery_rate=529345&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=8221c7774f256aec&ts=605&inflight_dur=10&x=40"
GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
142.250.178.99 200 OK 40 kB
URL
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP / ASN
142.250.178.99
#15169 GOOGLE
Requested by https://www.qai-amazon.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
First Seen 2025-01-08
Last Seen 2025-08-03
Times Seen 98140
Size 40 kB (40128 bytes)
MD5 9a01b69183a9604ab3a439e388b30501
SHA1 8ed1d59003d0dbe6360481017b44665153665fbe
SHA256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.qai-amazon.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Jul 2025 08:13:08 GMT
expires: Sat, 18 Jul 2026 08:13:08 GMT
cache-control: public, max-age=31536000
age: 181718
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.178.99 200 OK 7.9 kB
URL
fonts.gstatic.com/s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2
IP / ASN
142.250.178.99
#15169 GOOGLE
Requested by https://www.qai-amazon.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0
First Seen 2023-04-05
Last Seen 2025-08-03
Times Seen 104153
Size 7.9 kB (7884 bytes)
MD5 9212f6f9860f9fc6c69b02fedf6db8c3
SHA1 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
SHA256 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /s/poppins/v23/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.qai-amazon.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Jul 2025 21:38:36 GMT
expires: Thu, 16 Jul 2026 21:38:36 GMT
cache-control: public, max-age=31536000
age: 306190
last-modified: Wed, 23 Apr 2025 16:05:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/plugins/elementor/assets/js/frontend.mind5d5d5d5.js?ver=3.23.4
104.21.16.116 200 OK 40 kB
URL
www.qai-amazon.com/wp-content/plugins/elementor/assets/js/frontend.mind5d5d5d5.js?ver=3.23.4
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (40209)
First Seen 2024-08-05
Last Seen 2025-08-02
Times Seen 1408
Size 40 kB (40249 bytes)
MD5 6e666e84ad32383368858b52a855e6ce
SHA1 c987c41ad3d9b2183b76dddfb30370ba76605228
SHA256 d472c6dc0eac7e2287635400d88ce4fe64211ba51929027fad3e45fa84b6c302
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.mind5d5d5d5.js?ver=3.23.4 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aXKtu7PBcf8%2B128PHg%2B1DTwhwvzeuHInhcMCr8QQTBMQSyMlxpsueCsWN9tNtButPRX1aYijc54fxFRjZsgwANePllGQCbPuRxpbS8DwR3E3wuq5gkyxfGQdVsH2zMJUCn8GHWI%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: W/"6832042e-9d39"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
cf-ray: 9621d91578ad56ba-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1076&min_rtt=0&rtt_var=1485&sent=126&recv=138&lost=0&retrans=0&sent_bytes=39376&recv_bytes=9628&delivery_rate=4216588&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=8221c7774f256aec&ts=640&inflight_dur=24&x=40"
GET www.qai-amazon.com/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_700.woff2
104.21.16.116 200 OK 133 kB
URL
www.qai-amazon.com/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_700.woff2
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 132564, version 1.0
First Seen 2023-12-30
Last Seen 2025-07-20
Times Seen 113
Size 133 kB (132564 bytes)
MD5 dfb74c918564f217dbd02aef2b4c1b3e
SHA1 dc56f8308f3385b427ce85c20b9afc471be17c60
SHA256 bca42f8b5a5283b975115421b3b4171cf89b88bf39ef52538c9494860414c292
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_700.woff2 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Cookie: _ga_PSXM8WDP11=GS2.1.s1753008106$o1$g0$t1753008106$j60$l0$h0; _ga=GA1.1.1393964757.1753008106
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: font/woff2
content-length: 132564
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VN7NrPL9KUYwQOWqjbLKZFAPDaXydv%2Boqxs3HjZX8vOTlDDX6F27PJ4rknik7U2jtYWwn51SQrWN4%2FFgZrlvCGiahER%2Brm32v83r4afcmepCSV51scnRmTugt77toSOmCNzMRkg%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: "6832042e-205d4"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 9621d918b8cd56ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=302&min_rtt=0&rtt_var=334&sent=430&recv=189&lost=2&retrans=2&sent_bytes=438768&recv_bytes=13537&delivery_rate=13271816&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=34763&unsent_bytes=0&cid=8221c7774f256aec&ts=1155&inflight_dur=114&x=40"
104.21.16.116 200 OK 127 kB
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Resource Info
File type HTML document, Unicode text, UTF-8 text, with very long lines (20303), with CRLF line terminators
First Seen 2025-07-20
Last Seen 2025-07-20
Times Seen 1
Size 127 kB (126763 bytes)
MD5 07215c4b826162576140330e9f7c1f60
SHA1 83ba5f936d10f0131477c830cfe45396d2ee7482
SHA256 680125d08f1b3423d721315d10d41aef6a9434e60f79b238e6567e849940c1ce
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:45 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Sun, 20 Jul 2025 08:47:42 GMT
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KIb2WC5Lq2UX%2B0kqFSbEEgj2anSXvBEqhYEGe1q%2BMTVx95oBwEwiFVu2BsNLfVi8nvW9II3tv%2BDGF7BvgemgVvLrALHBpZKIdUPl8c8I8aw%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9621d9115fd756cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/tools.luckyorange.com/core/loc0ee.js?site-id=16c78518
104.21.16.116 404 Not Found 281 B
URL
www.qai-amazon.com/tools.luckyorange.com/core/loc0ee.js?site-id=16c78518
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type HTML document, ASCII text
First Seen 2025-07-20
Last Seen 2025-07-20
Times Seen 1
Size 281 B (281 bytes)
MD5 e73128305c945e10a250ba392abbea95
SHA1 ebbcde60007524d71a1ab271411292c5eca91e7c
SHA256 d8f656cd4ccf0f172cf62c8529080fe83f8c59a447c949a703af0e84cfc45c7c
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /tools.luckyorange.com/core/loc0ee.js?site-id=16c78518 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: text/html; charset=iso-8859-1
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2F4Ey4EoxZ6TrLZhb5kXdOv9CFUMruH%2BXBT9%2FxGmSDNP8bH6F318gZqT8ATLUip4X0U5fhLt0tMJpjEKxEBtKYNZ%2BU%2BS2dVGipzKTvp%2FY8rI%3D"}]}
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
content-encoding: br
cf-ray: 9621d9152c1856cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-PSXM8WDP11
142.250.74.136 200 OK 372 kB
URL
www.googletagmanager.com/gtag/js?id=G-PSXM8WDP11
IP / ASN
142.250.74.136
#15169 GOOGLE
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (5911)
First Seen 2025-07-20
Last Seen 2025-07-20
Times Seen 1
Size 372 kB (372532 bytes)
MD5 37806f94d44a2cb8c57e55a0dae139da
SHA1 7332d15fdd6941f722d22538d442ac720f788d4f
SHA256 96274902ecae23daa8416176763e1cad097348e5eca713e84926b6e38c2abc48
Certificate Info
Issuer Google Trust Services
Subject *.google-analytics.com
Fingerprint 3A:12:37:38:16:E5:9F:51:4E:B7:1D:5F:1F:C0:84:BB:92:EA:9E:20
Validity Mon, 23 Jun 2025 08:40:16 GMT - Mon, 15 Sep 2025 08:40:15 GMT
GET /gtag/js?id=G-PSXM8WDP11 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 20 Jul 2025 10:41:45 GMT
expires: Sun, 20 Jul 2025 10:41:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
server: Google Tag Manager
content-length: 126998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-includes/js/dist/hooks.min27572757.js?ver=2810c76e705dd1a53b18
104.21.16.116 200 OK 4.3 kB
URL
www.qai-amazon.com/wp-includes/js/dist/hooks.min27572757.js?ver=2810c76e705dd1a53b18
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (4272)
First Seen 2024-04-03
Last Seen 2025-08-03
Times Seen 16801
Size 4.3 kB (4307 bytes)
MD5 072d3f6e5c446f57d5c544f9931860e2
SHA1 ee6aa3d65b474309376468b24bb6f829a4514809
SHA256 2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/hooks.min27572757.js?ver=2810c76e705dd1a53b18 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8eaY8n15R9GlIugcpmoPybwCY5Hqm79iCCM4YUCrVQ%2FAY%2FhisCOPRvD8fBMJlPXCRGOCZBxu%2Bo2QWmFz3u2trUtWubmAH4nCIk1W62OGiXMqMdaA301rbxmMY14R2%2BseYMKkm64%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: W/"6832042e-10d3"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
cf-ray: 9621d91568a856ba-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2398&min_rtt=0&rtt_var=2489&sent=105&recv=131&lost=0&retrans=0&sent_bytes=16715&recv_bytes=9316&delivery_rate=1295929&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=8221c7774f256aec&ts=612&inflight_dur=16&x=40"
GET www.qai-amazon.com/wp-includes/js/jquery/jquery-migrate.min55895589.js?ver=3.4.1
104.21.16.116 200 OK 14 kB
URL
www.qai-amazon.com/wp-includes/js/jquery/jquery-migrate.min55895589.js?ver=3.4.1
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (13479)
First Seen 2023-05-09
Last Seen 2025-08-03
Times Seen 159981
Size 14 kB (13577 bytes)
MD5 9ffeb32e2d9efbf8f70caabded242267
SHA1 3ad0c10e501ac2a9bfa18f9cd7e700219b378738
SHA256 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min55895589.js?ver=3.4.1 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-3509"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=h3y58CPpXlGQCHJ2E6UvjKTibMqLqyes9eQcbF7YYKcXa7lQfNdg8UcYIcxmrm2jg2wPbFxKa3%2BYfGZfanRLaDG2LjIXxthO7407zRZehik%3D"}]}
cf-ray: 9621d9156c6656cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt%2cwght.woff2
104.21.16.116 200 OK 327 kB
URL
www.qai-amazon.com/wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt%2cwght.woff2
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 326628, version 1.0
First Seen 2023-05-10
Last Seen 2025-08-03
Times Seen 2279
Size 327 kB (326628 bytes)
MD5 9c9cff93a0d5a209225c1bae18d80a9d
SHA1 40546dbfd5c467c3257d8f3a4ad8af0d9995aeb6
SHA256 e931823ffd0b6cfd1624e3a7c1c49861ed3420297862e727f07e04c8be1cc89b
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt%2cwght.woff2 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Cookie: _ga_PSXM8WDP11=GS2.1.s1753008106$o1$g0$t1753008106$j60$l0$h0; _ga=GA1.1.1393964757.1753008106
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: font/woff2
content-length: 326628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dy2lL1DtTSqnXXjxKICfY%2BNgSwDO1uwFdqezrQs0%2B0tkx4sJO45UPedfpdAYFzqxkJeW4KrTYpZulim2e6zy8Mo5hZsBUZZvOlNVpnMjnRkG9QE4IsRzE13NR2HFTsWa%2FzF8T9g%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: "6832042e-4fbe4"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 9621d918a8cb56ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=844&min_rtt=0&rtt_var=769&sent=170&recv=147&lost=0&retrans=0&sent_bytes=90603&recv_bytes=11537&delivery_rate=5332061&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=23194&unsent_bytes=0&cid=8221c7774f256aec&ts=1032&inflight_dur=61&x=40"
GET www.qai-amazon.com/wp-content/uploads/2024/10/aws_logo.png
104.21.16.116 200 OK 163 kB
URL
www.qai-amazon.com/wp-content/uploads/2024/10/aws_logo.png
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type PNG image data, 1229 x 732, 8-bit/color RGBA, non-interlaced
First Seen 2025-05-12
Last Seen 2025-07-20
Times Seen 2
Size 163 kB (163194 bytes)
MD5 e6f92a47e2428601e24250d442202927
SHA1 641ce1e48093de5509b17806ea0eab289ac8cd63
SHA256 cc6138c0247a2fa57a9a6cbba3b0f516e4b06ebe86516cca9c843e9f91f2e16e
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2024/10/aws_logo.png HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Cookie: _ga_PSXM8WDP11=GS2.1.s1753008106$o1$g0$t1753008106$j60$l0$h0; _ga=GA1.1.1393964757.1753008106
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: image/png
content-length: 163194
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ii1Idig0neynLk9fO2AYcg%2Ffm%2Bos803Gs9ccDsajekM6nCJz%2FVQxS5%2FwzTYzX6yBny7VCsLEwxRzXxFeY36n%2BWJydbpsRxezYlh4alavq8iWpKvOSCeR8j9X0qKme8gR7rP%2F524%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: "6832042e-27d7a"
accept-ranges: bytes
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 9621d91b490356ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=528&min_rtt=0&rtt_var=381&sent=738&recv=219&lost=2&retrans=2&sent_bytes=858715&recv_bytes=15581&delivery_rate=13271816&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=35692&unsent_bytes=0&cid=8221c7774f256aec&ts=1364&inflight_dur=162&x=40"
GET www.qai-amazon.com/wp-content/uploads/elementor/css/post-7298e298e.css?ver=1728649492
104.21.16.116 200 OK 1.2 kB
URL
www.qai-amazon.com/wp-content/uploads/elementor/css/post-7298e298e.css?ver=1728649492
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type ASCII text, with very long lines (1201), with no line terminators
First Seen 2025-01-22
Last Seen 2025-07-20
Times Seen 11
Size 1.2 kB (1201 bytes)
MD5 75f3814e8a5b60ca0464abf3515bc95e
SHA1 2878d80809c8c3a5ce6e50c08c8271033f6c6eeb
SHA256 5f781c2d27434ff0c98a5cabc238dd33379d136d463c44d84cdddff7dd4ee930
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/elementor/css/post-7298e298e.css?ver=1728649492 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:45 GMT
content-type: text/css
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-4b1"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BolVsJQH74BmUCc7O6bAn5nAniWI6eV%2Bc1dNzX5LuFoIkfZgVF%2F7mncYKRTw6yxwakYptkYFOArzbsp54q4AzfVTE%2B2nci3NAz%2F%2FV2QER34%3D"}]}
cf-ray: 9621d9153c2056cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/uploads/elementor/css/post-9e02ee02e.css?ver=1728649493
104.21.16.116 200 OK 5.8 kB
URL
www.qai-amazon.com/wp-content/uploads/elementor/css/post-9e02ee02e.css?ver=1728649493
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type ASCII text, with very long lines (5757), with no line terminators
First Seen 2025-05-12
Last Seen 2025-07-20
Times Seen 2
Size 5.8 kB (5757 bytes)
MD5 7122c7f3415714e0a6171ccdf6fea09a
SHA1 f442cb33cd12c07387b73d0c1b15e774b0d23fe4
SHA256 957a3acc64f76f382a2d2385c87e4c36d09baae4439e7f6f50af94f768ca2c29
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/elementor/css/post-9e02ee02e.css?ver=1728649493 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:45 GMT
content-type: text/css
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-167d"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ysYQfsNvU6796CA4rPC0us8%2BL7ohFB1xMBCam9so9rsMuxjNgseXEqoh%2FDmkgcg3oMvTQf2HU4clF13kqm%2FuG%2B0izDp8uPjNCNcMzTQruKU%3D"}]}
cf-ray: 9621d9153c3556cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min28fc28fc.js?ver=3.23.3
104.21.16.116 200 OK 6.1 kB
URL
www.qai-amazon.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min28fc28fc.js?ver=3.23.3
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (6016)
First Seen 2024-08-06
Last Seen 2025-08-02
Times Seen 937
Size 6.1 kB (6060 bytes)
MD5 06e65e3f3efc8bc03a8028d683faaf9c
SHA1 65190238c4d0cf5088a64e0a5dbef346fbb7c6b9
SHA256 123570e6c301162c06b39e2d7e93f31dabcd43e37344fc87f15dc9c5f48f5803
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min28fc28fc.js?ver=3.23.3 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-17ac"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=H6uTTC4pCQCsX2eIrrqHXyxtDfE3A4wneQLtOG8C%2FNhon3N7%2FIgPSqeWrP2FXhrq3BrRfuHb7BaxUypkYrUYJ9hRO0e4CkYdqZFhYTxEJq0%3D"}]}
cf-ray: 9621d9155c4e56cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-includes/js/dist/i18n.minc33cc33c.js?ver=5e580eb46a90c2b997e6
104.21.16.116 200 OK 9.1 kB
URL
www.qai-amazon.com/wp-includes/js/dist/i18n.minc33cc33c.js?ver=5e580eb46a90c2b997e6
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type data
First Seen 2024-04-03
Last Seen 2025-08-03
Times Seen 58951
Size 9.1 kB (9141 bytes)
MD5 a8127c1a87bb4f99edbeec7c37311dcd
SHA1 9997a1745f48bdd233dbe9bd8164daa53eba105b
SHA256 f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/i18n.minc33cc33c.js?ver=5e580eb46a90c2b997e6 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSEs5tTFj5HEIeVaKG3UxZYT9EQAKd%2Fbh%2F2tK4hVyk109zIL%2FbScPFjVOos%2B6rAmFyrWAUw1bALMW41XqV1dNJsf6knUCOTCy%2BhhBPU6TliFgEUYCWOaGjunQpBtgwwQAAGJgtc%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: W/"6832042e-23b5"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
cf-ray: 9621d91568a956ba-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2398&min_rtt=0&rtt_var=2489&sent=107&recv=131&lost=0&retrans=0&sent_bytes=19064&recv_bytes=9316&delivery_rate=1295929&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=8221c7774f256aec&ts=614&inflight_dur=16&x=40"
GET www.qai-amazon.com/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2
104.21.16.116 200 OK 146 kB
URL
www.qai-amazon.com/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 146060, version 1.0
First Seen 2023-11-07
Last Seen 2025-08-03
Times Seen 1086
Size 146 kB (146060 bytes)
MD5 b782b01afc9646c7259701b07e2a71d0
SHA1 b86a6f0bf3fb4777160165dfe37ca4e99b90216e
SHA256 aa8042a77500cfe4a4893e2b7edbd54dded92768e40418fa0665bec8aae9ae18
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Cookie: _ga_PSXM8WDP11=GS2.1.s1753008106$o1$g0$t1753008106$j60$l0$h0; _ga=GA1.1.1393964757.1753008106
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: font/woff2
content-length: 146060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szo5KeLoY5m4IgxLoqJYzePBgVRz5Cxe%2Bi6JffSt129lHQkwUUIjR4VroQSc4k3Kf%2FnUNIKYpWBif2D9FOAxI5Nx7ydGMrB8dgk%2FJDjfKBer5CcBPPMXcP8zRfN%2B%2B2ymwWSOe3I%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: "6832042e-23a8c"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
cf-ray: 9621d918a8cc56ba-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=844&min_rtt=0&rtt_var=769&sent=153&recv=147&lost=0&retrans=0&sent_bytes=68303&recv_bytes=11537&delivery_rate=5332061&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=23194&unsent_bytes=0&cid=8221c7774f256aec&ts=1026&inflight_dur=49&x=40"
GET www.qai-amazon.com/www.statcounter.com/counter/counter.js
104.21.16.116 404 Not Found 281 B
URL
www.qai-amazon.com/www.statcounter.com/counter/counter.js
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type HTML document, ASCII text
First Seen 2025-07-20
Last Seen 2025-07-20
Times Seen 1
Size 281 B (281 bytes)
MD5 e73128305c945e10a250ba392abbea95
SHA1 ebbcde60007524d71a1ab271411292c5eca91e7c
SHA256 d8f656cd4ccf0f172cf62c8529080fe83f8c59a447c949a703af0e84cfc45c7c
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /www.statcounter.com/counter/counter.js HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Cookie: _ga_PSXM8WDP11=GS2.1.s1753008106$o1$g0$t1753008106$j60$l0$h0; _ga=GA1.1.1393964757.1753008106
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: text/html; charset=iso-8859-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GmFpcw%2FSvY2oiSLOV5Loixt3vjs588wy9na8SFwWabK9y9R0M27e%2BrCF6AETDcyBBiFPBjsu%2FXLL2DTyBIv%2FbFWlYMciiuGr7w3odThNpOigxoZbICWvCvMM3HozTbnpMOaImg0%3D"}],"group":"cf-nel","max_age":604800}
age: 0
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
content-encoding: br
cf-ray: 9621d91938e056ba-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=844&min_rtt=0&rtt_var=769&sent=151&recv=147&lost=0&retrans=0&sent_bytes=67409&recv_bytes=11537&delivery_rate=5332061&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=23194&unsent_bytes=0&cid=8221c7774f256aec&ts=1018&inflight_dur=49&x=40"
GET aws437h.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
0.0.0.0 0 B
URL
aws437h.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP / ASN
0.0.0.0
#0
Requested by https://www.qai-amazon.com/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619476
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: aws437h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.qai-amazon.com/wp-content/uploads/elementor/css/globale02ee02e.css?ver=1728649493
104.21.16.116 200 OK 40 kB
URL
www.qai-amazon.com/wp-content/uploads/elementor/css/globale02ee02e.css?ver=1728649493
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type ASCII text, with very long lines (15296)
First Seen 2024-08-19
Last Seen 2025-07-20
Times Seen 21
Size 40 kB (40406 bytes)
MD5 dad433af8282355e2c9c9356a92afd69
SHA1 a19a1af6d37ccefe3009b166f0955ec48828e97e
SHA256 da37297a62af599b0dbe9f3cc53fe5e0e3fe837f5994040f7367d86dd1b98b73
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/elementor/css/globale02ee02e.css?ver=1728649493 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:45 GMT
content-type: text/css
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-9dd6"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=afG%2BeyeY%2FWiwW2juipOA9fH767nABiwOQtUKMTcTLPf00RYacUpqezzJUUhWqiG1JL%2FJxM%2B5vysHYeZ7zedv%2FWD4q1QbnB9raHR3TCWt0jo%3D"}]}
cf-ray: 9621d9153c2656cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/uploads/2024/10/banner-01.png
104.21.16.116 200 OK 231 kB URL
www.qai-amazon.com/wp-content/uploads/2024/10/banner-01.png
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
First Seen 2025-05-12
Last Seen 2025-07-20
Times Seen 2
Size 231 kB (230754 bytes)
MD5 85c5a2942724ea0bb293c8635ce82dad
SHA1 516144150d655f8874b91afd2e34b7908bd123b3
SHA256 cb017b0b827f2f8676724c1c4a3fa041e1af836f0f8333a093802b421eb7cd06
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2024/10/banner-01.png HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: image/png
content-length: 230754
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "6832042e-38562"
accept-ranges: bytes
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=biN%2FKGFsVDNq3L4PnVMLTpH5wBI6lNwcQIY5q5QXKW7qgxhG8eUlBf6bRzgGDVP6Gz1egOUcYbACeM46D6U6TC8XbowurVOjMBKbX%2BKFi5M%3D"}]}
cf-ray: 9621d9154c4b56cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-includes/js/jquery/jquery.minf43bf43b.js?ver=3.7.1
104.21.16.116 200 OK 88 kB URL
www.qai-amazon.com/wp-includes/js/jquery/jquery.minf43bf43b.js?ver=3.7.1
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (65447)
First Seen 2023-11-03
Last Seen 2025-08-03
Times Seen 154348
Size 88 kB (87553 bytes)
MD5 826eb77e86b02ab7724fe3d0141ff87c
SHA1 79cd3587d565afe290076a8d36c31c305a573d18
SHA256 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/jquery.minf43bf43b.js?ver=3.7.1 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
server: cloudflare
last-modified: Sat, 24 May 2025 17:38:54 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"6832042e-15601"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ltrL%2FhzDcKWUOPP5kOYUP7VJcv%2BG4oxbNgztW0pPcR9bVMGz3p84MtiXFnrCLbtR0kwy0OcOvV8weQB1BvIc2YoEr7ozKJlWr2EzswdFyj4%3D"}]}
cf-ray: 9621d9155c5956cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min28fc28fc.js?ver=3.23.3
104.21.16.116 200 OK 43 kB URL
www.qai-amazon.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min28fc28fc.js?ver=3.23.3
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, ASCII text, with very long lines (42541)
First Seen 2024-08-06
Last Seen 2025-08-02
Times Seen 935
Size 43 kB (42585 bytes)
MD5 e1e347f637e6cedbe57d46f801d8c534
SHA1 40e9ee2e614a91cd5c1afba1dc9fa3e15f7ce3eb
SHA256 e7139bd7f7f045b4e0c2ed3ca13bcefdce330a38e84bff93917caa4bbef28f59
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min28fc28fc.js?ver=3.23.3 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3XQxbKzKcdDXyeJFqn4hhWpUlYH%2FTes9DnixncAnccv4Fly%2FBy3LXnWldsChj1GN2bNoYAIdCeXU90xPLJKPJBi7ifb%2FoLIx1b9vYplvO%2BudtDVfLJHt9yufy1Ed7K7NrIP1Rog%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: W/"6832042e-a659"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
cf-ray: 9621d91578ae56ba-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=980&min_rtt=0&rtt_var=923&sent=137&recv=141&lost=0&retrans=0&sent_bytes=54505&recv_bytes=9766&delivery_rate=4274688&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=20797&unsent_bytes=0&cid=8221c7774f256aec&ts=648&inflight_dur=46&x=40"
GET fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.178.99 200 OK 7.7 kB URL
fonts.gstatic.com/s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP / ASN
142.250.178.99
#15169 GOOGLE
Requested by https://www.qai-amazon.com/
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0
First Seen 2023-04-05
Last Seen 2025-08-03
Times Seen 55778
Size 7.7 kB (7748 bytes)
MD5 a09f2fccfee35b7247b08a1a266f0328
SHA1 0da2d17e738f46d2a09e6fb7969da451719a9820
SHA256 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 9A:5E:6D:44:D8:FB:03:E5:9A:13:6D:FF:53:DA:1C:8C:EA:3A:A7:AA
Validity Mon, 23 Jun 2025 08:41:27 GMT - Mon, 15 Sep 2025 08:41:26 GMT
GET /s/poppins/v23/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.qai-amazon.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Jul 2025 21:39:00 GMT
expires: Thu, 16 Jul 2026 21:39:00 GMT
cache-control: public, max-age=31536000
age: 306166
last-modified: Wed, 23 Apr 2025 16:07:32 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET aws437h.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
0.0.0.0 0 B URL
aws437h.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
IP / ASN
0.0.0.0
#0
Requested by https://www.qai-amazon.com/
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-03
Times Seen 5619476
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.6.2 HTTP/1.1
Host: aws437h.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.2
142.250.74.10 200 OK 145 kB URL
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.2
IP / ASN
142.250.74.10
#15169 GOOGLE
Requested by https://www.qai-amazon.com/
Resource Info
File type ASCII text, with very long lines (1572)
First Seen 2025-06-03
Last Seen 2025-08-02
Times Seen 104
Size 145 kB (144788 bytes)
MD5 a1c98c3449644bc2690151d8f2cf6816
SHA1 dfa11144e25ddd22c37eb2552111d988c8e55aa4
SHA256 b15a0cf3f827c5bf5ce8ee55a561eff3e16c77f28a478f5e5ee91b71bb32a14c
Certificate Info
Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint DC:40:BF:B1:59:C9:CC:B5:4A:38:2D:D0:16:8D:06:A5:1D:B4:08:8B
Validity Mon, 23 Jun 2025 08:41:28 GMT - Mon, 15 Sep 2025 08:41:27 GMT
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.6.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 20 Jul 2025 10:41:45 GMT
date: Sun, 20 Jul 2025 10:41:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.qai-amazon.com/wp-includes/js/jquery/ui/core.minb37eb37e.js?ver=1.13.3
104.21.16.116 200 OK 22 kB URL
www.qai-amazon.com/wp-includes/js/jquery/ui/core.minb37eb37e.js?ver=1.13.3
IP / ASN
104.21.16.116
#13335 CLOUDFLARENET
Requested by https://www.qai-amazon.com/
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (8189)
First Seen 2024-07-16
Last Seen 2025-08-03
Times Seen 19866
Size 22 kB (21464 bytes)
MD5 8fbc22c79d40119dde9a5d16897002b9
SHA1 e9837519aca724457792e2d5ee98a97a0367cdf9
SHA256 7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
Certificate Info
Issuer Google Trust Services
Subject qai-amazon.com
Fingerprint 43:BD:BF:DE:EC:48:F1:2A:B7:F9:AB:3F:DE:1A:C4:94:DC:F4:92:E7
Validity Tue, 08 Jul 2025 10:21:31 GMT - Mon, 06 Oct 2025 11:20:05 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/ui/core.minb37eb37e.js?ver=1.13.3 HTTP/1.1
Host: www.qai-amazon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.qai-amazon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 20 Jul 2025 10:41:46 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBILfqRvkKUBFwuqhsN4Eifs%2F5mKvFTqpkDKNlqaieyDsTQ7zQQpTPg7Tgyiz4H%2FMYAMH%2B45m3yW0ELZpYyZ%2Fuj3V5BKSAyPgwFGefjmOktlzpmMx90qllzSRct7ofzm4EEHjFI%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 24 May 2025 17:38:54 GMT
etag: W/"6832042e-53d8"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: MISS
vary: accept-encoding
cf-ray: 9621d91578ac56ba-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1503&min_rtt=0&rtt_var=1983&sent=117&recv=135&lost=0&retrans=0&sent_bytes=29686&recv_bytes=9493&delivery_rate=3373266&ss_exit_cwnd=14913&ss_exit_reason=2&cwnd=14000&unsent_bytes=0&cid=8221c7774f256aec&ts=619&inflight_dur=20&x=40"