urlscan.io logo urlscan.io
SecurityTrails logo

internalmigrateflo.qxlva.io Open in urlscan Pro
2606:4700:4400::ac40:94c5  Public Scan

Go To Rescan Add Verdict Report
URL: https://internalmigrateflo.qxlva.io/
Submission: On July 27 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2606:4700:4400::ac40:94c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is internalmigrateflo.qxlva.io.
TLS certificate: Issued by E6 on July 27th 2024. Valid for: 3 months.
This is the only time internalmigrateflo.qxlva.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
17 2
Apex Domain
Subdomains		 Transfer
17 qxlva.io
internalmigrateflo.qxlva.io
149 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
19 KB
17 2
Domain Requested by
17 internalmigrateflo.qxlva.io 1 redirects internalmigrateflo.qxlva.io
1 cdn.jsdelivr.net internalmigrateflo.qxlva.io
17 2

This site contains no links.

Subject Issuer Validity Valid
internalmigrateflo.qxlva.io
E6		 2024-07-27 -
2024-10-25		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh

This page contains 2 frames:

Primary Page: https://internalmigrateflo.qxlva.io/
Frame ID: B3C65EDF3532E7B2B85E4C91151C2A45
Requests: 15 HTTP requests in this frame

Frame: https://internalmigrateflo.qxlva.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/main.js
Frame ID: 4428DBF4149360F5E5073DE17469F2E6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Assign Felling Licence Application - Forestry Commission Internal Interface

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?govuk-frontend(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • govuk-frontend(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

17
Requests

94 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

168 kB
Transfer

499 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://internalmigrateflo.qxlva.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://internalmigrateflo.qxlva.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/main.js

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
internalmigrateflo.qxlva.io/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28154d476e50e98ee57f6e9d845a316a0e8f60ab0d22aae514dc034de6c2567
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8a9d999a184539c8-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-type
text/html; charset=utf-8
date
Sat, 27 Jul 2024 15:18:05 GMT
server
cloudflare
strict-transport-security
max-age=2592000
govuk-frontend-4.6.0.min.css
internalmigrateflo.qxlva.io/css/ 		118 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/css/govuk-frontend-4.6.0.min.css
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c811724bfec86518d852d743dcb9f72c7ea664d34fb2efbeb267dad47adc1bf3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2adae2e8e"
vary
Accept-Encoding
content-type
text/css
cf-ray
8a9d999b4a4e39c8-FRA
moj-frontend.min.css
internalmigrateflo.qxlva.io/css/ 		52 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/css/moj-frontend.min.css
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9327d8449a66a07538ef725cfe8c23dc28dfbbc1f94faab7eb01b31005c8352
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2adaf2753"
vary
Accept-Encoding
content-type
text/css
cf-ray
8a9d999b4a5539c8-FRA
patterns.css
internalmigrateflo.qxlva.io/css/ 		3 KB
720 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/css/patterns.css
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
074e23f4f559ad68d354e05d4bdee43bb54cc6295369d81ec0b9db01e92575ce
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2adaffcd4"
vary
Accept-Encoding
content-type
text/css
cf-ray
8a9d999b4a5a39c8-FRA
site.css
internalmigrateflo.qxlva.io/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/css/site.css
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0c4d52c783b9adf2deb5cb9a6c4bb0e3f47f662d00ea5c7abcc584b430e95a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2adaffd4b"
vary
Accept-Encoding
content-type
text/css
cf-ray
8a9d999b4a5d39c8-FRA
application-list.css
internalmigrateflo.qxlva.io/css/ 		146 B
207 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/css/application-list.css
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c0e85f6eb84454251b85c485225a5d44223d20a739b34f295a7b2b5d26d86c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2adaff612"
vary
Accept-Encoding
content-type
text/css
cf-ray
8a9d999b4a5e39c8-FRA
govuk-frontend-4.6.0.min.js
internalmigrateflo.qxlva.io/js/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/js/govuk-frontend-4.6.0.min.js
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57d4b3e97b989eadc48a6d29262b5c48ad50a1e73235457dfea57dffebc3e903
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2adaf4ae4"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8a9d999b4a6339c8-FRA
moj-frontend.min.js
internalmigrateflo.qxlva.io/js/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/js/moj-frontend.min.js
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
093ca0401e75e6572bec9e035c3bd02babe5b2848d700da42bf0598d5b06cb8a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2adaf8e9d"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8a9d999b4a6639c8-FRA
jquery.min.js
internalmigrateflo.qxlva.io/lib/jquery/dist/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/lib/jquery/dist/jquery.min.js
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:59 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2aee07e04"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8a9d999b4a6839c8-FRA
site.js
internalmigrateflo.qxlva.io/js/ 		2 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/js/site.js
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
238f33723628ffdc06e6eff4f6679571de15a97008e7b178be6c8852f1782034
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2adaff033"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8a9d999b4a6a39c8-FRA
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@11.6.8/dist/ 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11.6.8/dist/sweetalert2.all.min.js
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8bb79cc7e67c2377e6b80db3544015a4d474c0316c2f19ad1e55a37841b8e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://internalmigrateflo.qxlva.io/
Origin
https://internalmigrateflo.qxlva.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 27 Jul 2024 15:18:05 GMT
x-content-type-options
nosniff
content-encoding
br
age
395284
x-jsd-version
11.6.8
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
19159
x-served-by
cache-fra-eddf8230092-FRA, cache-mxp6967-MXP
x-jsd-version-type
version
etag
W/"fad6-EXu7oHsKCjU72IhKnqkPmyKQOzM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
fla-assignments-list.js
internalmigrateflo.qxlva.io/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/js/fla-assignments-list.js
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f71b4fdd49fa80590acc3add5b9dabe51be236098477dbe5068448982e0eed8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2adafee09"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8a9d999b4a6b39c8-FRA
bold-b542beb274-v2.woff2
internalmigrateflo.qxlva.io/assets/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/assets/fonts/bold-b542beb274-v2.woff2
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/css/govuk-frontend-4.6.0.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/css/govuk-frontend-4.6.0.min.css
Origin
https://internalmigrateflo.qxlva.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
"1da3fe2adaf8c78"
vary
Accept-Encoding
content-type
application/font-woff2
accept-ranges
bytes
cf-ray
8a9d999c9bd539c8-FRA
content-length
31480
light-94a07e06a1-v2.woff2
internalmigrateflo.qxlva.io/assets/fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/assets/fonts/light-94a07e06a1-v2.woff2
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/css/govuk-frontend-4.6.0.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/css/govuk-frontend-4.6.0.min.css
Origin
https://internalmigrateflo.qxlva.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
"1da3fe2adaf74e6"
vary
Accept-Encoding
content-type
application/font-woff2
accept-ranges
bytes
cf-ray
8a9d999c9bd739c8-FRA
content-length
33382
main.js
internalmigrateflo.qxlva.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/ Frame 4428
Redirect Chain
  • https://internalmigrateflo.qxlva.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://internalmigrateflo.qxlva.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/main.js?
Protocol
H2
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9be0687b3a378c273ce9fcd763ec3b67a8d39f6d3aa9ca5879dd483aac9b5f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8a9d999d6cf139c8-FRA

Redirect headers

date
Sat, 27 Jul 2024 15:18:05 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/2db5e1cc2adc/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8a9d999ccc1439c8-FRA
content-length
0
favicon.ico
internalmigrateflo.qxlva.io/assets/images/ 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/assets/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6921a31b023a41929073393bdad00077436c3835994079bcd2e437261875b2fc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://internalmigrateflo.qxlva.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
content-security-policy
default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
content-encoding
gzip
strict-transport-security
max-age=2592000
last-modified
Fri, 05 Jan 2024 14:22:57 GMT
server
cloudflare
cf-cache-status
HIT
age
3
etag
W/"1da3fe2adafee2e"
vary
Accept-Encoding
content-type
image/x-icon
cf-ray
8a9d999d7cf639c8-FRA
8a9d999a184539c8
internalmigrateflo.qxlva.io/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4428 		0
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://internalmigrateflo.qxlva.io/cdn-cgi/challenge-platform/h/g/jsd/r/8a9d999a184539c8
Requested by
Host: internalmigrateflo.qxlva.io
URL: https://internalmigrateflo.qxlva.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:94c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Jul 2024 15:18:05 GMT
server
cloudflare
cf-ray
8a9d999e8e4b39c8-FRA
content-length
0
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| GOVUKFrontend object| MOJFrontend function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal

2 Cookies

Domain/Path Name / Value
.qxlva.io/ Name: __cf_bm
Value: a9mFspDV43F9CHevO7GmXNhmYoeCeO_RF13pC65rZWU-1722093485-1.0.1.1-WglejjrUGXEWoC7u1OhTtWIXtyx3GAJqHYorWU4LLjhO_nqvB4jxf_msKwCLS_FbZR6cPtfuqJ15UYLJ1jKQwA
.qxlva.io/ Name: cf_clearance
Value: AzjCxiZmPzh_G.v5oarFtHLfYC3W2ZKAbC5G6mNQFFQ-1722093485-1.0.1.1-PDzRFHuU2lZwCGejHyFHgutHBrNvxCJ3PDfV_HIqbrdNE5LrF.N06i5b5EPfNe4SSyxTuSydPzIRLBjXWc33dw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://*.usersnap.com https://*.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' https://internalmigrateflo.qxlva.io https://*.datatables.net https://fonts.googleapis.com 'unsafe-inline'; font-src https://internalmigrateflo.qxlva.io https://fonts.gstatic.com; worker-src blob: https://internalmigrateflo.qxlva.io; connect-src https://*.qxlva.io https://*.arcgis.com https://*.usersnap.com; img-src 'self' https://*.qxlva.io https://*.arcgis.com data:;
Strict-Transport-Security max-age=2592000