firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 20 Oct 2022 18:51:51 GMT
Expires: Thu, 20 Oct 2022 19:20:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7fY4ih5flkEtrtwI52w9dz30Vatt1BB7C3ecd5_wybMpwgT4vmCPfg==
Age: 133
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 24a97183f836954e0f05c4dc794ff4d1
52778bbe39b9f736c16b5798575d1d96607ce9d0
01f6721f2674f54662fff590fdf7247cc8c58a3f84906cae75527fb7b6dd2436
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01F6721F2674F54662FFF590FDF7247CC8C58A3F84906CAE75527FB7B6DD2436"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17832
Expires: Thu, 20 Oct 2022 23:51:16 GMT
Date: Thu, 20 Oct 2022 18:54:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e41c85816a32bf30e54a8993fcd0406f
35013fb83966783145f1439eb7e949beefae4cf8
22dfbec34834914ffd13a3bee717dbf695450c05a44949bb691e39d254e39665
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DFBEC34834914FFD13A3BEE717DBF695450C05A44949BB691E39D254E39665"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7562
Expires: Thu, 20 Oct 2022 21:00:06 GMT
Date: Thu, 20 Oct 2022 18:54:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zL5WNG7p993E480cqLklZ/vOtsPiId8Yd6TXwyyWx7gPsHfId4mdzhXgGCp51UvzJs7QeYARDLw=
x-amz-request-id: 5F1C05S455303YTK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 20 Oct 2022 18:04:47 GMT
age: 2957
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 49ccd07b33c621b34a4f239edcae015b
58ed931ec4999757a56c9d3fa80d6c5d5a634a80
b0e842af19fc60f51cab2a91c16e3b9621c2f302f42b0391fd6ac5a5d37fbe9e
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 18:54:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 17 Oct 2022 12:38:43 GMT
Expires: Mon, 24 Oct 2022 12:38:42 GMT
Etag: "58ed931ec4999757a56c9d3fa80d6c5d5a634a80"
Cache-Control: max-age=322477,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75d3f5bd4915b523-OSL
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 20 Oct 2022 18:54:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 20 Oct 2022 18:43:40 GMT
Expires: Thu, 20 Oct 2022 19:26:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1oTETTRniHt7lR4kpsDGKqXoI9JV_IXbPRYe4VhoVSUSePEJONS9Sw==
Age: 624
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a5dd4f71f4ddd5be9201466ed7a6c423
1d0832fb6e227d42137d319f728c8bc1414c816f
1edffa6a320210fccbd0e5fa6dbdaa45561678a75a66639985f02791c8283b40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4392
Cache-Control: max-age=138353
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:05 GMT
Etag: "63510196-1d7"
Expires: Sat, 22 Oct 2022 09:19:58 GMT
Last-Modified: Thu, 20 Oct 2022 08:06:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K8Xeq7mjpQLZ4zE743RWzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JViyusUta5+jklJOxLFGgld7ySw=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17837
Expires: Thu, 20 Oct 2022 23:51:23 GMT
Date: Thu, 20 Oct 2022 18:54:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17837
Expires: Thu, 20 Oct 2022 23:51:23 GMT
Date: Thu, 20 Oct 2022 18:54:06 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1da8a8e-07d7-4788-a750-b444d5b94049.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1da8a8e-07d7-4788-a750-b444d5b94049.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa40305eef05745db4726fd428bd8b84
b957772b40c2485d9a50038d9ffa490f85fe1db9
19735ce0eebf21dd8029a7d0766061ad446232b20b2ac3c9d8b138b263f8fde2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1da8a8e-07d7-4788-a750-b444d5b94049.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9746
x-amzn-requestid: 483d8ab7-5f45-489a-b610-ae9fe9d635d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z1AKaEtcIAMFxnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634513dc-027bf86916a9f9dd239ce02f;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 06:57:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Xdy89VB2nPsc5-qy0_aLm-49RUExzR-kVzzi_TmLV7zpkQJfGBXvHA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 17:58:07 GMT
age: 3359
etag: "b957772b40c2485d9a50038d9ffa490f85fe1db9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927829d0-802f-4d0d-b566-d5875b574c9a.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927829d0-802f-4d0d-b566-d5875b574c9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fd91971508ef6f5985a0017dfcdd73e
e94567c4fe3adade32f19c8c3053a486fe8c3ac9
34966351275d61a81528a5b5eedef55878d9f7b9c0af311ead9471dda8a02e41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F927829d0-802f-4d0d-b566-d5875b574c9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7098
x-amzn-requestid: 2f4f7eac-181e-4fe2-b3de-5b22e9e9b9ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRYSPGRMIAMFZAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506da7-42ed935836382b62301fc3e5;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:35:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3mTReybPYr9-3La4Em1Uxi6qekm1bmxosNDCFy3m5AT52Kj37jgeFQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 22:01:35 GMT
age: 75151
etag: "e94567c4fe3adade32f19c8c3053a486fe8c3ac9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F638eac9f-fba9-43ad-a54e-d70a9233253b.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F638eac9f-fba9-43ad-a54e-d70a9233253b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b38fcf82dcb60f48ee2b0df158d2eb6
14207b4845fc4c2c72a18a77cbcbe5f50aa9056e
4cff326ed72c61a05f1150ac1a5423b006915bbb25dfaa11dadab2c24e71de1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F638eac9f-fba9-43ad-a54e-d70a9233253b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5566
x-amzn-requestid: 0eb4a0a4-9659-4c49-81d4-cd605eceed66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZKGEwzIAMFVbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506f0d-0bc0a25f4f5b1e893f448ae2;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:41:33 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CYc4z6vU4jFleVwO0v7iD4CI7Ic5YgqMfqgAFCw8OEOtwMouN8zzbw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 22:03:55 GMT
age: 75011
etag: "14207b4845fc4c2c72a18a77cbcbe5f50aa9056e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c50c7d-8321-4dac-aa20-04a81680db07.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c50c7d-8321-4dac-aa20-04a81680db07.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ee7bd4412c0b0eb678b9d53b07bdd9a
a8ba1a075a9c5501d043b9b14c45ed6bcd684e68
2499b2c4414108ed742986b90ca2a1b60c3fd65a82a78322031263650e935c7e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1c50c7d-8321-4dac-aa20-04a81680db07.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 343fc462-3654-48cb-bb4f-0d0d54c07b58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRX9REoMoAMF21g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d21-152a7b145b9fcb0e0a97db57;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kpcuEgGxL1lp6g9MIzYRrJbEYNMxoM0jAOor7pqELF-cXuC2Io99UA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:47:22 GMT
age: 76004
etag: "a8ba1a075a9c5501d043b9b14c45ed6bcd684e68"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 81216ad70664e969888ae7b13871fda0
6b15c7d7abb9ff1cc040853401ad5a39f81c19a4
7294e93d890b4c8eeb8383a67aac0be8b88cac5e0882865c9f38ade713157799
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5d17f5-6084-45a5-9677-8ae8646d6ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9607
x-amzn-requestid: 590b20a6-039c-4c25-a61a-5f579c5b31f2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRZj6HZ7oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506fb2-04b740c442ae735347b4e2c3;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bL5fVog2SuW8ZNt9a0ECc8jwcAELUBVo63LXPovdnIRxCRnsMWVvvQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 21:49:50 GMT
age: 75856
etag: "6b15c7d7abb9ff1cc040853401ad5a39f81c19a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1a95f4f-d066-4cb4-bb6a-392f3ed5c229.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1a95f4f-d066-4cb4-bb6a-392f3ed5c229.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e76755a16cf0bdb76d5e832c7b14af85
e008a1663c29616e83dccba105d7f6e2dbbb37dc
ab1d3690731963f85ede6cf6bedfb8b62ae1f93fafecc2cf343ea07bd4f2afce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1a95f4f-d066-4cb4-bb6a-392f3ed5c229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13101
x-amzn-requestid: e10df8ba-d8f2-44c8-ad0f-bbda32020e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRYBYF6noAMFthg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63506d3b-56538b97541830784f01f61f;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 21:33:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yhCeyHazxhrahbPqlyhMWan0djWD6r-7tpx6PZwJe-5WKQYJ1NcKwA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 22:04:02 GMT
etag: "e008a1663c29616e83dccba105d7f6e2dbbb37dc"
content-type: image/jpeg
age: 75004
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7d3049667c1a65b13995652bad0748a5
3e74f4761dfedb4511db7aa1b35ffa17fcb5535c
e19690b3e0e53e52ec5374d01b2d89fa0f234c242d089574d61f3f1c737eb5a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.10200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.10:0
Hash c5bda84d2e3abbc32c7788f71a6d79d1
6c0cfe718a5649daf865a4fc985d333da65d26e4
15cd46904c2fab7872b1bbd3b48a9f058f19493e4bc3ccc44266473324990748
GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 20 Oct 2022 18:54:07 GMT
date: Thu, 20 Oct 2022 18:54:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.comodoca.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 32ca1a0dc4f202f652ed49c153f4771d
caddf9c0a78c8ff795ede370fad23683312198cd
0ed135c22ade75f690aa2e107a3d66d4fea571b74ed5873d3c5792197fb7677a
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 18:54:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 22:48:20 GMT
Expires: Tue, 25 Oct 2022 22:48:19 GMT
Etag: "caddf9c0a78c8ff795ede370fad23683312198cd"
Cache-Control: max-age=447206,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1756
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75d3f5d81b88b523-OSL
ocsp.comodoca.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 32ca1a0dc4f202f652ed49c153f4771d
caddf9c0a78c8ff795ede370fad23683312198cd
0ed135c22ade75f690aa2e107a3d66d4fea571b74ed5873d3c5792197fb7677a
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 20 Oct 2022 18:54:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 18 Oct 2022 22:48:20 GMT
Expires: Tue, 25 Oct 2022 22:48:19 GMT
Etag: "caddf9c0a78c8ff795ede370fad23683312198cd"
Cache-Control: max-age=447206,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1756
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75d3f5d82b92b523-OSL
www.eplimo.ae/wp-content/themes/Eplimo/assets/css/plugins.css
103.212.121.180200 OK 18 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/css/plugins.css
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (50617), with CRLF line terminators
Hash 259ff78d269efb058d594668c5ae86b9
a6f0cd24ea7834e1133816e6bb47ef6d0c7e3e14
24814a52d71e6af96354fe8308be1783ffa928f828af2aa28d53673eec581582
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/css/plugins.css HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:08 GMT
content-type: text/css
last-modified: Wed, 02 Dec 2020 10:57:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18364
date: Thu, 20 Oct 2022 18:54:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/main.js
103.212.121.180200 OK 4.7 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/main.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Hash 344d803c13cf58c97108eb4c61e73f18
fb4cd4b9fa65fc0932e0a8f0d9e5f6479f8052ae
f0266e5fe818eeb97d7f1bda34c9d847411d4e3e09b566807a34227873b6adbf
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/js/main.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: application/javascript
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4675
date: Thu, 20 Oct 2022 18:54:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/footer-reveal_init.js
103.212.121.180200 OK 69 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/footer-reveal_init.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Hash 5bc4e2262451dd963f390be58e448183
6eaf995aca1dbb8e9bc26b9dd6cdeb3d178d61b7
05657c3b53dc356b06067cd6ef0af503cb8b0e387c3877abdbc8a060d0800311
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/js/footer-reveal_init.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: application/javascript
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
content-length: 69
date: Thu, 20 Oct 2022 18:54:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particles_init.js
103.212.121.180200 OK 499 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particles_init.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Hash fe4db7d9cf56e43d6bdbb6b75e87f54c
b0b683e7bafc57d522cc948cbee403388c8d932b
1b67501e56dbe689806945b33d5064d6a5d57bd2e7c4f7679c554f9fe8657835
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/js/particles_init.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: application/javascript
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 499
date: Thu, 20 Oct 2022 18:54:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/logo-white.png
103.212.121.180200 OK 3.4 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/logo-white.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 741 x 114, 8-bit colormap, non-interlaced\012- data
Hash ee6e069e7a66c4f20efcd3ffa714f62e
a2b80cdd5968574b801d4cb372c20096114b8e3f
1e16f6e604d06f5d4e5e9d12e1b0bc74f5494877db4e1a11ebab22af685b5541
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/logo-white.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/png
last-modified: Thu, 03 Dec 2020 02:33:28 GMT
accept-ranges: bytes
content-length: 3413
date: Thu, 20 Oct 2022 18:54:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/logo-black.png
103.212.121.180200 OK 3.4 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/logo-black.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 741 x 114, 8-bit colormap, non-interlaced\012- data
Hash d68e0516af406cfe58f24ef943efd438
e030cff310a7e565672b6b74e1d9d57224891ca3
cb3c873b3254352eb69bc7b5a43955fdc44530016403228d75ff0bd50bb616bb
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/logo-black.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/png
last-modified: Thu, 03 Dec 2020 02:33:28 GMT
accept-ranges: bytes
content-length: 3413
date: Thu, 20 Oct 2022 18:54:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particles.js
103.212.121.180200 OK 5.7 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particles.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (23002)
Hash a4969ae1d44d92b88421b4f82fd607b5
f8138585982755425411cccd43741253c5c77dec
717eecfac08581c08cb1581083a064211c85cb72ca7873f2e8bae55a542d4f7c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/js/particles.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: application/javascript
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5735
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/footer-reveal.js
103.212.121.180200 OK 383 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/footer-reveal.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (649)
Hash afd6f0c7c36f23082ea9d9da98f338b9
d7431d441cb4040708cf1936912a25808c23cd9a
ffbf9ab8b26f1a546771e445e38899a13cfea7f4d31005ef632da777cc88eb44
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/js/footer-reveal.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: application/javascript
last-modified: Tue, 02 Aug 2022 06:14:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 383
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/css/style.css
103.212.121.180200 OK 24 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/css/style.css
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (304), with CRLF line terminators
Hash 7c632fb0ac8d977350918972bd0c4fd8
595c057f645598d00c37dfda5f628bff71218798
545c50c695f51bd3974d4e3188eaa6919890508842281394e5d38390f831ed6f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/css/style.css HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: text/css
last-modified: Mon, 28 Jun 2021 10:36:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 23641
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particless.js
103.212.121.180200 OK 5.7 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particless.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (23002)
Hash a4969ae1d44d92b88421b4f82fd607b5
f8138585982755425411cccd43741253c5c77dec
717eecfac08581c08cb1581083a064211c85cb72ca7873f2e8bae55a542d4f7c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/js/particless.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: application/javascript
last-modified: Wed, 29 Jul 2020 10:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5735
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 193d2d5278d7126ac87e3b5d25c73846
a113a1bd6d01cf7f17ecdd8c1d71405e3a680359
3cdc1c4dbdde26acb1eedba11b1aa3a93d8933dda59f777e6172feb9fa773f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WL2J35C
142.250.74.168200 OK 61 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WL2J35C
IP 142.250.74.168:0
File type ASCII text, with very long lines (14948)
Hash 1272cf7653526aeac4c364fab8faf1ca
1304c44c6a20474a70f342d8de743035df9c2cc2
aa1a7582ddafff51db9d22d8eb1bb03cd7b5bd1eaff5b1c9fcfd75e493486b34
GET /gtm.js?id=GTM-WL2J35C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Oct 2022 18:54:10 GMT
expires: Thu, 20 Oct 2022 18:54:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 20 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 61030
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7d63ca0f6e41daad3b82edb628ce532f
91d03a0d81d3e11642d0a4c13a4068180b9595e5
16e5d96bfd0492378b33ebc943de0884b22f634d446d45fba51f5c6a2e8285e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7d63ca0f6e41daad3b82edb628ce532f
91d03a0d81d3e11642d0a4c13a4068180b9595e5
16e5d96bfd0492378b33ebc943de0884b22f634d446d45fba51f5c6a2e8285e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 16:40:18 GMT
expires: Fri, 20 Oct 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 8032
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 193d2d5278d7126ac87e3b5d25c73846
a113a1bd6d01cf7f17ecdd8c1d71405e3a680359
3cdc1c4dbdde26acb1eedba11b1aa3a93d8933dda59f777e6172feb9fa773f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/plugins.js
103.212.121.180200 OK 97 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/plugins.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (32069)
Hash efb1a29c35e261a720dd7f0f3544e8d2
74adb9e47924ffea14175f1942bdf01aacdbcb98
c09dfebbb56a3b8dc48aa3f22c7b82cade27a8e41dc30d1648de1baa56a7b107
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/js/plugins.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: application/javascript
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 96829
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7d63ca0f6e41daad3b82edb628ce532f
91d03a0d81d3e11642d0a4c13a4068180b9595e5
16e5d96bfd0492378b33ebc943de0884b22f634d446d45fba51f5c6a2e8285e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/How-can-i-benefit.jpg
103.212.121.180200 OK 91 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/How-can-i-benefit.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1600, components 3\012- data
Hash dfde4dd88c0a80dd18696272c8d60613
d89b4866340ba2308b7789faeb58e90af9283ae4
ef3e482ffa493ad7916578667bc829f3e97f07e70ccaa6452e2e7f4a8bf42a4b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/How-can-i-benefit.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 10:31:08 GMT
accept-ranges: bytes
content-length: 90809
date: Thu, 20 Oct 2022 18:54:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/Why-do-i-need.jpg
103.212.121.180200 OK 83 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/Why-do-i-need.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1600, components 3\012- data
Hash e859149f32b4c4eeddb9b8d300cbbe9d
8c225c7d5db6d0e23d32fef5210e0d729fe194a6
726f3bb6bb0991fe69683e3627b527985cc15f930e33f9e240cd73c58f1936a7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/Why-do-i-need.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 10:31:30 GMT
accept-ranges: bytes
content-length: 82556
date: Thu, 20 Oct 2022 18:54:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step1.png
103.212.121.180200 OK 43 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step1.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 500 x 381, 8-bit colormap, non-interlaced\012- data
Hash c74c71316144152dcb81bccc65092276
9c274e734111898225c9f569c4eef2cdab2fdab3
87384ab12357fd3b14c214720637cd14ae71c5eef0d12ae4b2e36a8954790e60
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/step1.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/png
last-modified: Thu, 03 Dec 2020 10:31:18 GMT
accept-ranges: bytes
content-length: 42612
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step3.png
103.212.121.180200 OK 52 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step3.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 500 x 381, 8-bit colormap, non-interlaced\012- data
Hash fb97f2bb1f01a948355f666ace7e7edd
eb2d1ef899240edd567109c214ecedb14fade3a6
e2fbe0ab2e5d56b4839aff523e769698fdda3f7b7ce28264057a0c591b407496
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/step3.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/png
last-modified: Thu, 03 Dec 2020 10:31:26 GMT
accept-ranges: bytes
content-length: 51895
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step2.png
103.212.121.180200 OK 48 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step2.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 500 x 381, 8-bit colormap, non-interlaced\012- data
Hash 2fd5944b8ab62e7c9974d121a2b09ffc
cc4c503c2821ebc3ba9231b767ca2000de2565b8
edf703a030929348b022e8012b46874ef8b381a98af8b71a05b7f44e57108a6a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/step2.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/png
last-modified: Thu, 03 Dec 2020 10:31:22 GMT
accept-ranges: bytes
content-length: 47867
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimotest2.jpg
103.212.121.180200 OK 80 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimotest2.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Hash 630bd08a321b8377c8224ea66ab0f4cb
de89a9aac80da2e51bfd781af7543491c8484c2e
397620015f8586f727b7558d746cfe6da09968e25d00fa60cbfd666b79cd2b3b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/eplimotest2.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 10:31:06 GMT
accept-ranges: bytes
content-length: 80535
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/startyoureplimo.jpg
103.212.121.180200 OK 40 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/startyoureplimo.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x565, components 3\012- data
Hash 8a2ddbb85a3770c13a53466145c034cc
6545f3c188809b2fe4239533118b56baa1ca9f13
26ebf2e9cba490148d2a201a2b6cfbe01200037777b943dd16cef07ed8cf62d2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/startyoureplimo.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 10:31:12 GMT
accept-ranges: bytes
content-length: 40012
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/metabolic-assessment.jpg
103.212.121.180200 OK 95 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/metabolic-assessment.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Hash 0167843d05f8c34a20681c42917830d9
a07935ebf54e3d74276ae18d25ad13980634aaa1
bf3d23fd1ced22534bd130c96e770f701ed413874b25bdca1c42dc1235cabaf2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/metabolic-assessment.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 10:31:10 GMT
accept-ranges: bytes
content-length: 95334
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimorecomendation.jpg
103.212.121.180200 OK 91 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimorecomendation.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Hash 764befcb668fe6085917f7ae161e4ce2
4cf56c9108d9e4e5b1d6becc2d4d75dc5e6309d0
c930768078092cc86cf7d6b233431d31338fc08d205be1fa7bd9e3400a301c40
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/eplimorecomendation.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 10:31:04 GMT
accept-ranges: bytes
content-length: 91023
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimocaoching.jpg
103.212.121.180200 OK 125 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimocaoching.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Size 125 kB (124577 bytes)
Hash 2f766a55e3716cd3d05b57933b214fb0
3b35892c2557a983595c005f38814fa232b30825
a0641fa6f273ac9d914b32ef6331bca01f238b7bde6537f29d66f96a5559b44d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/eplimocaoching.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:09 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 10:31:00 GMT
accept-ranges: bytes
content-length: 124577
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimo-app.jpg
103.212.121.180200 OK 91 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimo-app.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Hash c4a5726e586d15db26ed39ae7ab139e4
7931d12b067f5aabf07cc873fffa2e67baca0257
ec3b6f871c95f64ad2c0e927631ccfca5831ab70c5b94603290033d53f8f772b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/eplimo-app.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:10 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 10:30:58 GMT
accept-ranges: bytes
content-length: 90880
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/epigenetic-lifestyle.jpg
103.212.121.180200 OK 168 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/epigenetic-lifestyle.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3\012- data
Size 168 kB (167492 bytes)
Hash c5b5099a249c896e756bc21340f76331
66c4dc346713cafa4ae1fb745281c63ed44dc2d4
935979e79aefc2d50c87b741a2e025813e1e94c1c482fe54c69bbad5b2c7ad6d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/epigenetic-lifestyle.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:10 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 10:30:56 GMT
accept-ranges: bytes
content-length: 167492
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/mastercard.jpg
103.212.121.180200 OK 203 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/mastercard.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:06:28 20:23:43], baseline, precision 8, 1391x253, components 3\012- data
Size 203 kB (203375 bytes)
Hash c01503af8020c85c31a32f0fd05494b7
68cb5eda771d5a06b512ab87673d72c6ea2e4f0a
277e87f30034b9cd8e63f48202dc7685fcaa25b9f74e74ca884c5d6165481c40
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/mastercard.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:10 GMT
content-type: image/jpeg
last-modified: Mon, 28 Jun 2021 14:54:27 GMT
accept-ranges: bytes
content-length: 203375
date: Thu, 20 Oct 2022 18:54:09 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.woff2
103.212.121.180200 OK 15 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.woff2
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Web Open Font Format (Version 2), TrueType, length 14844, version 1.0\012- data
Hash bdadb6ce95c5a2e7b673940721450d3c
f1e8cb035436d638da83d4696248cec831dcbe7a
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:10 GMT
content-type: font/woff2
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
content-length: 14844
date: Thu, 20 Oct 2022 18:54:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/banner-1.jpg
103.212.121.180200 OK 56 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/banner-1.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1358, components 3\012- data
Hash e753a77371287247a9528627fa595e5c
38f3b4c03ae5f016a88367d0951bed33e7624d33
e079ae50b3f21da0a692cb6830ac73b83f5d195002c1698113a88e0d2e51e9f4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/banner-1.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:10 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 07:57:02 GMT
accept-ranges: bytes
content-length: 56400
date: Thu, 20 Oct 2022 18:54:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/video-banner.jpg
103.212.121.180200 OK 30 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/video-banner.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1350x300, components 3\012- data
Hash 04aaede4eaff4c47fee9e5cda6f15095
04aee89a6d71331bd0863e31cf00cc57aa3a6637
2e30fc26c9a9a762e5e782deb357df46ab705d914180aad96ee334016bc90a0e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/video-banner.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:10 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 07:57:44 GMT
accept-ranges: bytes
content-length: 29488
date: Thu, 20 Oct 2022 18:54:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/footer-img.jpg
103.212.121.180200 OK 47 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/footer-img.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1358, components 3\012- data
Hash e690b0f8737c2f963be314144683a87c
3ee9b8248d1566377ed76cd21884846453ef2b16
9ba83177dc703d35cd4b798da8e714a91af5bf5edc10bc05cd854b3de2f2624c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/footer-img.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:10 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 07:57:14 GMT
accept-ranges: bytes
content-length: 46759
date: Thu, 20 Oct 2022 18:54:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/banner-2.jpg
103.212.121.180200 OK 158 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/banner-2.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1358, components 3\012- data
Size 158 kB (157516 bytes)
Hash fdae2d613df2be0a29320fde05e2569e
6de0399e36fd1f0b2f6ccd33f88ef2250e3e0f59
f88a29aeac5d38e9aeda9d3b15f4716efb3b478c8bd19d78cd10e29b1fcbae64
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/banner-2.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:10 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 07:57:04 GMT
accept-ranges: bytes
content-length: 157516
date: Thu, 20 Oct 2022 18:54:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/logo/logo-white-vertical.png
103.212.121.180404 Not Found 13 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/logo/logo-white-vertical.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (676)
Hash 6580e9596b230a293042b178bf4a399f
ae6c7ec8afe5dd0a1c6f1d95842f541efb895773
c05dea0520ea81531678ffe08caa86787e26aa8ecc4032d4e1cd47a02c076f86
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/logo/logo-white-vertical.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/8.0.15
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.eplimo.ae/wp-json/>; rel="https://api.w.org/"
content-length: 13359
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Oct 2022 18:54:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf
103.212.121.180200 OK 67 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type TrueType Font data, 11 tables, 1st "GSUB"\012- data
Hash 52845eaa20f9b2d41187f1b0612243b0
8e93f34014e7209253781346ec57a9ef0f6651e4
5dfd658895e42c66dfea83bef6de42e611f27c57b7fa4d65559b13d0253a6121
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:10 GMT
content-type: font/ttf
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
content-length: 196952
date: Thu, 20 Oct 2022 18:54:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.ttf
103.212.121.180200 OK 40 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.ttf
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh, Font AwesomeFont Awesome 5 FreeRegularFont Awesome 5 Free RegularFont Awesome 5 Free RegularVers\012- data
Hash b48c48ea8457846a5695b139c377d3d1
b65c09901ecd41417c7efb747372dfef763ba2f1
ecb5719eb6408359d91fd2530646064a3f251aed691fd48277289cc8d6d53dfa
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.ttf HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:11 GMT
content-type: font/ttf
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
content-length: 40232
date: Thu, 20 Oct 2022 18:54:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff
103.212.121.180200 OK 82 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Web Open Font Format, TrueType, length 95436, version 1.0\012- data
Hash 475f77a49c0d317310a4ef1b3347d87f
fdec701136d83344afd8f3563b3edbaf6e1e9f42
6e330f6dd1361e7b73e8c0e25e6066b2f43d3e25ae2771d4b6b4fdafbdf1cbd7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:11 GMT
content-type: font/woff
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
content-length: 95436
date: Thu, 20 Oct 2022 18:54:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 20 Oct 2022 18:41:09 GMT
expires: Thu, 20 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 783
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.eot
103.212.121.180200 OK 54 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.eot
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Embedded OpenType (EOT), Font Awesome 5 Free family\012- data
Hash 2f1b3798d88ff4aa4085ccb80eae8966
320d8052d0e31afc06950bca52a18877ad96be7a
83ff6ab8cc62ceae664509364177cc7f50f74995f77f852a99b5d53a4e50aed5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.eot HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.ms-fontobject
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
content-length: 197172
date: Thu, 20 Oct 2022 18:54:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 20 Oct 2022 18:54:12 GMT
expires: Thu, 20 Oct 2022 18:54:12 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff2
103.212.121.180206 Partial Content 104 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff2
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Size 104 kB (104219 bytes)
Hash a7bab3073c48ebdf2c866d161be50436
ba8f2c0701f992692b59c2c4e2da460fc83c11a9
5848336d0ce29b146c0618d25c7059c1caf58239359479ac8753493613c2e87e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=16059-
If-Range: Sun, 19 Jul 2020 15:32:12 GMT
TE: trailers
HTTP/2 206 Partial Content
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:11 GMT
content-type: font/woff2
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
content-range: bytes 16059-73851/73852
content-length: 57793
date: Thu, 20 Oct 2022 18:54:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 98eb39a8c874650d2e8fe7e70c8ffc9f
8e6069b2c92d3f6be9caffef93edbee13706d3e6
b84f4791529fad05d5c153b89ccfbe32be10ca8f0567112b1356459558861a2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b4ded5812e05504cc00fe8fbe84f15f4
0dc42fa74a67e7d0a56cb443fe8eab00a9d74ab5
270f810160a5e4309084e76c3657d97f4f4bd490b35fb9f1bda2f9c856f4f27b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/vieroots.png
103.212.121.180200 OK 40 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/vieroots.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 97542cc047d42523f30deb4605624a86
106a3eaba0ca5182ff2c47418c8368d51b8ef5ac
fbab316b9eeaba0e02b063e3ce549c621efe523f412b21deae4c56a488be3b7c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/vieroots.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:12 GMT
content-type: image/png
last-modified: Wed, 21 Oct 2020 08:16:30 GMT
accept-ranges: bytes
content-length: 39482
date: Thu, 20 Oct 2022 18:54:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff
103.212.121.180200 OK 17 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Web Open Font Format, TrueType, length 81612, version 1.0\012- data
Hash 9a927eb952d90f797f98b1e4b3607feb
f42184c77081275d0cad572df14277073ed0d0df
94ee2c5d0b68758699e3f308c7186fcbfe9a186f0ae1f2f320dc719bbf3c4050
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:11 GMT
content-type: font/woff
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
content-length: 81612
date: Thu, 20 Oct 2022 18:54:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bc3be1f50e5bae23905ff7baee514016
0ca7ebbdc6bb9771c66708cc97a711f0e0b12248
8cff6e20893e92c97209ffc7e8359390d9d2771894ad8cddfdd7aae0d19d7685
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.eot
103.212.121.180200 OK 40 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.eot
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Embedded OpenType (EOT), Font Awesome 5 Free family\012- data
Hash 6493321d567eb0f22bd5112fbcf044a8
d4c842f160898ecb62aa69a0bc560e16264c2b3a
169416887c9d3c310bf02a12eaf82269d4cf77b16af2e91745b1c152bba0061d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.eot HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.ms-fontobject
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
content-length: 40460
date: Thu, 20 Oct 2022 18:54:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf
103.212.121.180206 Partial Content 165 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Size 165 kB (164871 bytes)
Hash 7090f04a52d518c886dc48ee25f3cfb3
ea5c01f913cf95f906d392d729afb7c75d737448
78c207be7ac2506a110ea3140e1bfa1925f65b8e4f3092c7a4d9f6bd30318f9a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=49048-
If-Range: Sun, 19 Jul 2020 15:32:12 GMT
TE: trailers
HTTP/2 206 Partial Content
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:11 GMT
content-type: font/ttf
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
content-range: bytes 49048-196951/196952
content-length: 147904
date: Thu, 20 Oct 2022 18:54:11 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff
103.212.121.180206 Partial Content 93 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Hash 2a83a7f42691d7cf1319ffa6ec817786
c4a8cbaa7572f4ec43b43f2996e5e6943772accd
aaae709f2aa50ddc1c04700a0497730aa1c8d62ab05a194fe7ff9eeaa75b2063
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=16330-
If-Range: Sun, 19 Jul 2020 15:32:12 GMT
TE: trailers
HTTP/2 206 Partial Content
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:12 GMT
content-type: font/woff
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
content-range: bytes 16330-81611/81612
content-length: 65282
date: Thu, 20 Oct 2022 18:54:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.ttf
103.212.121.180206 Partial Content 66 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.ttf
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PDP-11 kernel overlay\012- data
Hash e8883571acc41a25be0f9da776fa63e8
dc3ae0ce8ac9943e99fd4d1ce8859362bf3d8cab
a23d22b6b8aef108bf575240598b8cb5745fe37e62ce85217ca72901792b168e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.ttf HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=32727-
If-Range: Sun, 19 Jul 2020 15:32:12 GMT
TE: trailers
HTTP/2 206 Partial Content
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:12 GMT
content-type: font/ttf
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
content-range: bytes 32727-126191/126192
content-length: 93465
date: Thu, 20 Oct 2022 18:54:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-172838410-1&cid=1927080062.1666292063&jid=769334591&gjid=1004754592&_gid=1351202576.1666292063&_u=YEBAAEAAAAAAACAAI~&z=1824175477
173.194.73.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-172838410-1&cid=1927080062.1666292063&jid=769334591&gjid=1004754592&_gid=1351202576.1666292063&_u=YEBAAEAAAAAAACAAI~&z=1824175477
IP 173.194.73.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-172838410-1&cid=1927080062.1666292063&jid=769334591&gjid=1004754592&_gid=1351202576.1666292063&_u=YEBAAEAAAAAAACAAI~&z=1824175477 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://beyondmydna.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Oct 2022 18:54:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/613420709/?random=1666292063503&cv=9&fst=1666288800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Fbeyondmydna.com%2Fsiai%2Fsubmiaboiqunsd&tiba=VIEROOTS&async=1&fmt=3&is_vtc=1&random=890844359&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/613420709/?random=1666292063503&cv=9&fst=1666288800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Fbeyondmydna.com%2Fsiai%2Fsubmiaboiqunsd&tiba=VIEROOTS&async=1&fmt=3&is_vtc=1&random=890844359&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/613420709/?random=1666292063503&cv=9&fst=1666288800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgaj0&sendb=1&frm=0&url=https%3A%2F%2Fbeyondmydna.com%2Fsiai%2Fsubmiaboiqunsd&tiba=VIEROOTS&async=1&fmt=3&is_vtc=1&random=890844359&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 Oct 2022 18:54:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 038718f2af2127c43a536906536901d6
7443f6c69b456b9b6d91f274ee2d395d30851dac
78909b697ea6987336df513055387483bbaf4b78bfe9be1ebee8e009aa1704ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 98eb39a8c874650d2e8fe7e70c8ffc9f
8e6069b2c92d3f6be9caffef93edbee13706d3e6
b84f4791529fad05d5c153b89ccfbe32be10ca8f0567112b1356459558861a2a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=beyondmydna.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=beyondmydna.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=beyondmydna.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 20 Oct 2022 18:54:12 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=beyondmydna.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=beyondmydna.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=beyondmydna.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 20 Oct 2022 18:54:12 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 81fdbedab751064ebc5e65ee871c166d
66093c28406733f11bc80247aa669acae6fca850
c3e7afff876beb618a3e39747e85bb68f93284e83e48d705a451568e55bb44c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c56960ac93421e7c246b0340770b60e
926011986157ebea3fdf9f74c9209d7983d1b00a
88be6b950e174f60f567b3916a69b35190951710b2557924a9647a3af4107968
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Oct 2022 18:54:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff2
103.212.121.180200 OK 0 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff2
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 27 Oct 2022 18:54:10 GMT
content-type: font/woff2
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
content-length: 73852
date: Thu, 20 Oct 2022 18:54:10 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
beyondmydna.com/siai/submiaboiqunsd
103.212.121.180200 OK 0 B URL HTTP/2 beyondmydna.com/siai/submiaboiqunsd
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /siai/submiaboiqunsd HTTP/1.1
Host: beyondmydna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/8.0.15
content-type: text/html; charset=UTF-8
link: <https://www.eplimo.ae/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Oct 2022 18:54:07 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.eot
103.212.121.180200 OK 0 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.eot
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.eot HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/vnd.ms-fontobject
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
content-length: 126428
date: Thu, 20 Oct 2022 18:54:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2