Report - www.exness.com/intl/th/

Report Overview

Submitted URL
www.exness.com/intl/th/
IP
45.60.78.64
ASN
#19551 INCAPSULA
Submitted
2022-09-14 19:56:54
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.77.32
unpkg.com	11693	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	757 B	15 kB	104.16.125.175
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	21 kB	142.250.74.174
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	694 B	142.250.74.164
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	498 B	694 B	142.250.74.3
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
cdn.cookielaw.org	502	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	113 kB	104.16.148.64
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.7 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	948 B	34 kB	142.250.74.163
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	586 B	708 B	142.251.1.155
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	57 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
static.site24x7rum.com	20553	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409 B	407 B	54.230.111.72
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
www.exness.com	210049	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	700 B	45.60.78.64
www.exness.uk	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	297 kB	45.60.78.64
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	52 kB	142.250.74.10
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	100.20.30.105

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-14	medium	www.exness.uk/media/o9uqivq4bpuc/1k9Tp41nUr8Zw4pom6siiN/68097a3ecb6e28760a734ff2bfa413ea/logo.svg	Phishing
2022-09-14	medium	www.exness.uk/intl/th/	Phishing
2022-09-14	medium	www.exness.uk/framework-503975f2ecca4dec5b9e.js	Phishing
2022-09-14	medium	www.exness.uk/webpack-runtime-a27d38ee8a3786a8f857.js	Phishing
2022-09-14	medium	www.exness.uk/app-11df178f9bc3059d4b90.js	Phishing
2022-09-14	medium	www.exness.uk/icons/icon-512x512.png?v=b474837a95da9ba4361183564c5d180e	Phishing
2022-09-14	medium	www.exness.uk/favicon-32x32.png?v=b474837a95da9ba4361183564c5d180e	Phishing
2022-09-14	medium	www.exness.uk/manifest.webmanifest	Phishing
2022-09-14	medium	www.exness.uk/page-data/app-data.json	Phishing
2022-09-14	medium	www.exness.uk/page-data/404/page-data.json	Phishing
2022-09-14	medium	www.exness.uk/component---src-templates-page-error-js-b21a3a2161433d85a999.js	Phishing
2022-09-14	medium	www.exness.uk/page-data/sq/d/1067236220.json	Phishing
2022-09-14	medium	www.exness.uk/page-data/sq/d/3137483302.json	Phishing
2022-09-14	medium	www.exness.uk/page-data/sq/d/3672685860.json	Phishing
2022-09-14	medium	www.exness.uk/icons/icon-48x48.png?v=b474837a95da9ba4361183564c5d180e	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	cdn.cookielaw.org/scripttemplates/otSDKStub.js	22 kB	2023-03-07	2024-03-05
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.16.148.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:52 Last Seen2024-03-05 19:00:25 Times Seen96 Hash a750a84d2cd5eb69aa0b8b1b94db6da8 56fd3e55c49aa5f3e48e525ae794da9b070cfa6c bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0 Loading...

	www.exness.uk/intl/th/	67 B	2023-03-07	2024-03-02
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:59 Last Seen2024-03-02 07:30:59 Times Seen92 Hash d380dc716585c6013832e6be73c5d451 30c1394c41cabea3f0621c07fd1e716307e9feb6 57c30bbe85dd98ac6541ed647eea75380560049b42242012a60b44eabdf90b00 Loading...

	www.exness.uk/intl/th/	29 B	2023-03-07	2024-04-23
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19:15 Last Seen2024-04-23 18:13:19 Times Seen1352 Hash 802d15edb9cf83b91b7e8321adde0df5 dc26ed046e3efd5e38fd3507692ccf59a923a91d dff98d529a85f57fe031813e6ce1ba83c77a237db0758756c16b8093dd263c23 Loading...

	www.exness.uk/intl/th/	3.4 kB	2023-03-07	2024-03-01
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:12 Last Seen2024-03-01 11:33:46 Times Seen21 Hash 85df7bf5872558e8a2d3bcf009555bea 75b14ece9626a513912c50ffc19b2789ef8679f0 25382e076d378f92dc2a8dd598af75fc638611e3dbe2c755e7644825a9791a7e Loading...

	www.exness.uk/intl/th/	100 B	2023-03-07	2024-02-11
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:12 Last Seen2024-02-11 08:32:32 Times Seen1 Hash 27b7b3bc6e9ac1d399095c070e01a6ba 6eac2048f206510a08eb5c278f5be2fb3f9d30b4 c46e7797adcfb0b6374b9379299e75264652a84fb7d8e7ddd2b9f516344341cf Loading...

	unpkg.com/pwacompat	6.2 kB	2023-03-07	2024-04-21
Pretty URL unpkg.com/pwacompat IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:12 Last Seen2024-04-21 20:46:44 Times Seen175 Hash 048d919591a36ad00b235a84bffd0f35 e19d08f4238bfcb58706a0daccb221ddc699ac8c 42689f1bdb72d9ca37efad650562702f929d0ce749e2c16343f50b138683d7c5 Loading...

	www.exness.uk/webpack-runtime-a27d38ee8a3786a8f857.js	4.6 kB	2023-03-07	2024-02-11
Pretty URL www.exness.uk/webpack-runtime-a27d38ee8a3786a8f857.js IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:12 Last Seen2024-02-11 08:32:32 Times Seen1 Hash 0d89e178828784af7936a45042378c08 5a62280baf249ad4a9930f3eb0f608b7c5004c76 beb84b7ff5da58f9d142df957f2b0bde52cb4b598341e5dcaadc071420ba259b Loading...

	www.exness.uk/intl/th/	453 B	2023-03-07	2023-07-03
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:59 Last Seen2023-07-03 20:27:58 Times Seen7 Hash 3fc2d3c55f458dfeb71369d2cc5edc20 47020f35a1a3aa7701ed08cc0c472b652df9f9b1 ab67566ce2ca69747c6679938b024f1eddd15d58ca8c44abee2fcb4b6a18a390 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-WFFFJ4B	150 kB	2023-03-07	2024-02-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-WFFFJ4B IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:32:00 Last Seen2024-02-11 08:32:32 Times Seen1 Hash 2f02a9fc116a7bd55ea8c9dd6f55a032 02b7fb9b3042af7e5d580e8e1ebb693caf7c1b2b 2da8d88bae66c8f41d617e2c7dd13077ac5ed2dec9ac2ac401ed2051377d8c00 Loading...

	www.exness.uk/intl/th/	567 B	2023-03-07	2024-02-02
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:43:00 Last Seen2024-02-02 17:04:10 Times Seen63 Hash 648d84679b390f4d3cef2036d28c6100 0874c71f54eb143573081f7963c483f6544e9801 bf5a181faf51728a05b3a1795e1313cc789695fb58c27b901c3c48cf4b2e35ea Loading...

	www.exness.uk/intl/th/	345 B	2023-03-07	2024-03-01
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:12 Last Seen2024-03-01 11:33:46 Times Seen18 Hash 50f91afe4c66cb4428bced61d3493ff9 5f783c0289634dae09e678dd5279ddb5c9f18f24 a255ba3d640acf55babacea91f57b172d7b6068836304c7991219e42557c421a Loading...

	www.exness.uk/framework-503975f2ecca4dec5b9e.js	150 kB	2023-03-07	2024-02-11
Pretty URL www.exness.uk/framework-503975f2ecca4dec5b9e.js IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:12 Last Seen2024-02-11 08:32:32 Times Seen1 Hash 76a082d89d972b620ac5d04a0f0008c9 415dc243a79acbfcd5b22fd266fc34d4fe5e386d d288372fd0df1725e9cf275a4a9e925e7b85f14f8d17465f6d5e8d491c6b12d4 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 21:14:10 Times Seen840 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	www.exness.uk/intl/th/	42 B	2023-03-07	2024-04-21
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:11 Last Seen2024-04-21 17:12:56 Times Seen2623 Hash be2fa4b945397ae525389b0d79009a7a ae91b0b3f38a1626b172bef8383468b01e261f49 90651088409bec74c1dfe71db7d495f4e1ad8a3bb7eef4c749c0794e5537b73a Loading...

	www.exness.uk/intl/th/	978 B	2023-03-07	2024-02-11
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:12 Last Seen2024-02-11 08:32:32 Times Seen1 Hash 2d5917775fce0aade16aa3d8d8e0cdb0 2664fc01edcc8d282f87505385b6d881cb656f70 b630a8960430200e871ca1749d5b30f32cba04a3f99d9f75188b912bc7d69bc0 Loading...

	www.exness.uk/app-11df178f9bc3059d4b90.js	597 kB	2023-03-07	2024-02-11
Pretty URL www.exness.uk/app-11df178f9bc3059d4b90.js IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:12 Last Seen2024-02-11 08:32:33 Times Seen1 Hash 3725ed3724299154a8c1efc6e3af6244 a87a112f5e4bdb73bc76d4c2b00bcda2d12e2d7e 41a789248d71057295692ca76328472091b56259d9d8595075c4236c799c855f Loading...

	static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=e47ee94188329d8e20aea6adf0456364	1 B	2023-03-07	2024-04-23
Pretty URL static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=e47ee94188329d8e20aea6adf0456364 IP 54.230.111.72 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-23 22:40:30 Times Seen68649 Hash 68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Loading...

	www.exness.uk/intl/th/	3.6 kB	2023-03-07	2024-02-11
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:59 Last Seen2024-02-11 08:32:33 Times Seen1 Hash 03d416358c1586c35153d4fbe5624a37 23215a516f5a69a7f08830c7e77fb929934f4c6b 0d56cfa9f5abe6f2aa6f0cd60cfe2888ddebc030decfb3edde5bf2ccdfa38ef8 Loading...

	www.exness.uk/intl/th/	3.8 kB	2023-03-07	2024-02-11
Pretty URL www.exness.uk/intl/th/ IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:59 Last Seen2024-02-11 08:32:33 Times Seen1 Hash 591a466bdce4eb4bd485a0b2f7bf4786 321a95280470c18c822ba4ba71255ee1fce08068 fd48949f9407d3efe3cd556c5487da6c4edd2a9ec9972c9c992ef06a7a752cc5 Loading...

	www.exness.uk/component---src-templates-page-error-js-b21a3a2161433d85a999.js	1.8 kB	2023-03-07	2024-02-11
Pretty URL www.exness.uk/component---src-templates-page-error-js-b21a3a2161433d85a999.js IP 45.60.78.64 ASN #19551 INCAPSULA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:43:12 Last Seen2024-02-11 08:32:33 Times Seen1 Hash 282d3615afe88835f2c3492eccb6627f 2ee0dd1ca0acc1a7d2e675604012649acbd88a68 a54c791a120a52b7c1fa3827868cad4bb066d9dab367c190865144e5b4e31c76 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f33a7b1c1ac789284265db886c2f7426	96 B	2023-03-07	2024-03-01
Pretty Observations First Seen2023-03-07 14:43:12 Last Seen2024-03-01 11:33:47 Times Seen110 Hash f33a7b1c1ac789284265db886c2f7426 2558c3ab654815fb70e2ae789f5d8463980f6028 98029da9a68d3a75d408d8f27bb422f55b6837ed986da3e883dcb83f8acfcf70 Loading...

	#2 Eval - 7079dc1856ac6c9fb49ec06d477cc29b	155 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 14:43:12 Last Seen2024-04-19 11:29:42 Times Seen258 Hash 7079dc1856ac6c9fb49ec06d477cc29b 423da388752989f6658f5e28005f2cceaf64a661 f7c8d0852f3cdce289193d452f1b1b6c5dd71faf6e4b59c0bac5352b5976816d Loading...

HTTP Transactions (59)

URL IP Response Size

www.exness.com/intl/th/

45.60.78.64

301 Moved Permanently

0 B

URL HTTP/1.1
www.exness.com/intl/th/
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /intl/th/ HTTP/1.1
Host: www.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: https://www.exness.com/intl/th/
Content-Length: 0
Connection: close

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 19:09:41 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: utTuSEUV74OSOfKtArr6Ito1IwP-5-Oxvc6ufaM-QbvBjt5P3rUxRg==
Age: 2822

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15857
Expires: Thu, 15 Sep 2022 00:21:00 GMT
Date: Wed, 14 Sep 2022 19:56:43 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 85G2RGx_AvLzwPGjMY9QKQ3wRHlomxg3CE91Dxze6oTr7Y1lWgvOow==
age: 55288
X-Firefox-Spdy: h2

www.exness.com/intl/th/

45.60.78.64

302 Found

0 B

URL HTTP/2
www.exness.com/intl/th/
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /intl/th/ HTTP/1.1
Host: www.exness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
cache-control: no-cache
content-length: 0
location: https://www.exness.uk/intl/th/
set-cookie: nlbi_961876=fqW2XE1P63VoxtqEzTYrKwAAAAB1iVD8aCtFO8cMlenXok8k; path=/; Domain=.exness.com
visid_incap_961876=Rd2SQwz8RlKuOE3G+zKGhvsxImMAAAAAQUIPAAAAAADYbAipJmmWL/teST7ugkSi; expires=Wed, 13 Sep 2023 22:32:37 GMT; HttpOnly; path=/; Domain=.exness.com
incap_ses_276_961876=ykgnLwhfD2N1ivMJDI3UA/sxImMAAAAA07S6miVzIL36uVRqW/D9qA==; path=/; Domain=.exness.com
x-cdn: Imperva
x-iinfo: 7-13898703-13885805 pNNN RT(1663185402984 21) q(0 0 0 7) r(0 0) U11
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 19:56:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.exness.uk/media/o9uqivq4bpuc/1k9Tp41nUr8Zw4pom6siiN/68097a3ecb6e28760a734ff2bfa413ea/logo.svg

45.60.78.64

200 OK

722 B

URL HTTP/2
www.exness.uk/media/o9uqivq4bpuc/1k9Tp41nUr8Zw4pom6siiN/68097a3ecb6e28760a734ff2bfa413ea/logo.svg
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1799)
Size
722 B (722 bytes)
Hash
2fd3dd70a9c789d8d42c16290ec180fb
dc971a41454b3f101d78f8406d9dc3e431a4c986
694b64341b98d5079b874d44e800f93386ce3125cb8a26bd27091e71636ce5dd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/o9uqivq4bpuc/1k9Tp41nUr8Zw4pom6siiN/68097a3ecb6e28760a734ff2bfa413ea/logo.svg HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: "864d127d"
content-type: image/svg+xml
content-length: 722
content-encoding: gzip
cache-control: max-age=6091, public
expires: Wed, 14 Sep 2022 21:38:14 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-0 0CNN RT(1663185403126 186) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2

www.exness.uk/intl/th/

45.60.78.64

404 Not Found

10 kB

URL HTTP/2
www.exness.uk/intl/th/
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20944)
Size
10 kB (10004 bytes)
Hash
d871d58efaf26e83cfa1e639c0f45204
fbd6e8bdcd772d53107ac480f4467d24820e8f9e
064f3a36bff059a8ce441db01d605222568c1807266de5802fefaf89191c5619

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /intl/th/ HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
date: Wed, 14 Sep 2022 19:56:43 GMT
content-type: text/html
etag: W/"631605c3-90d0"
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: private
x-content-type-options: nosniff
set-cookie: language=en;Path=/;Max-Age=2628000
nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; path=/; Domain=.exness.uk
visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; expires=Wed, 13 Sep 2023 22:32:42 GMT; HttpOnly; path=/; Domain=.exness.uk
incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==; path=/; Domain=.exness.uk
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 12-12075792-12070795 pNYN RT(1663185403126 17) q(0 0 0 0) r(0 0) U11
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.16.148.64

200 OK

7.2 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (21747)
Size
7.2 kB (7151 bytes)
Hash
ec12a4ed6414d59f440cc6667f54fa56
dc045fd45a736db97db94c22d5b4d3a29aa10ea6
1a4fd42ea4ea00d7762d0a273e6094ac7967db784c736280fe77328025427373

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:56:43 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: 7BKk7WQU1Z9EDMZmf1T6Vg==
last-modified: Wed, 14 Sep 2022 02:55:58 GMT
etag: 0x8DA95FCA64A6F5D
x-ms-request-id: 489a42a1-d01e-0039-57e7-c79842000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 3004
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74abb00618c6b515-OSL
X-Firefox-Spdy: h2

www.exness.uk/framework-503975f2ecca4dec5b9e.js

45.60.78.64

200 OK

47 kB

URL HTTP/2
www.exness.uk/framework-503975f2ecca4dec5b9e.js
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
ASCII text, with very long lines (65448)
Size
47 kB (47041 bytes)
Hash
d8e464889b2d9b712baf0f46b3e5da72
f4e96e32f09883b17d218a4cf3065594b1e1295f
aaf08748daa9ad3b20cdc76fe90aa59d66c46f813860132971d2bba2f0998771

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /framework-503975f2ecca4dec5b9e.js HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: "631605ab-24934"
last-modified: Mon, 05 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 47041
content-encoding: gzip
cache-control: max-age=30746632, public
expires: Tue, 05 Sep 2023 16:40:35 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-0 0CNN RT(1663185403126 192) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2

www.exness.uk/webpack-runtime-a27d38ee8a3786a8f857.js

45.60.78.64

200 OK

2.2 kB

URL HTTP/2
www.exness.uk/webpack-runtime-a27d38ee8a3786a8f857.js
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
ASCII text, with very long lines (4634), with no line terminators
Size
2.2 kB (2195 bytes)
Hash
68a165591cf0b5e8db5aeca487c0ce92
70c62cf34e2fc758048bc380f8291a64ce792da5
c44ffdf1d76850eee3873ac17f807110ed7851c01a75d9abbaf243ea42d78bc2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webpack-runtime-a27d38ee8a3786a8f857.js HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: "631605ab-121a"
last-modified: Mon, 05 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 2195
content-encoding: gzip
cache-control: max-age=30746632, public
expires: Tue, 05 Sep 2023 16:40:35 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-0 0CNN RT(1663185403126 192) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2

www.exness.uk/app-11df178f9bc3059d4b90.js

45.60.78.64

200 OK

196 kB

URL HTTP/2
www.exness.uk/app-11df178f9bc3059d4b90.js
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
ASCII text, with very long lines (65454)
Size
196 kB (195589 bytes)
Hash
e94884a4a8ed6e12b5df6d85d76c9e82
6596953a85cce75ea38f0045a5458f7affd0b62b
c4a5cf06c212819a2b0c89731491189fdf7c7ab619aef1359ea6fd46566ca422

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app-11df178f9bc3059d4b90.js HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: "631605ab-91bf7"
last-modified: Mon, 05 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 195589
content-encoding: gzip
cache-control: max-age=30746633, public
expires: Tue, 05 Sep 2023 16:40:36 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-0 0CNN RT(1663185403126 191) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=e47ee94188329d8e20aea6adf0456364

54.230.111.72

200 OK

1 B

URL HTTP/1.1
static.site24x7rum.com/beacon/site24x7rum-min.js?appKey=e47ee94188329d8e20aea6adf0456364
IP
54.230.111.72:0
ASN
#16509 AMAZON-02

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

HTTP Headers

GET /beacon/site24x7rum-min.js?appKey=e47ee94188329d8e20aea6adf0456364 HTTP/1.1
Host: static.site24x7rum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript;charset=ISO-8859-1
Content-Length: 1
Connection: keep-alive
Date: Wed, 14 Sep 2022 17:13:06 GMT
Access-Control-Allow-Origin: *
Server: ZGS
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: S1D7Ldv1KFgQ5GyHWRxDFR54NCJlrNIRDJy-Y19CeRUktiu6LJzf5w==
Age: 9818

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c86fc6649c7c512abb52fcd62d51ee26
bf241d6c1779668447df444a239d715b6ed46f6d
822cb499ea058f2c40ce4942048528575fadc172d3669007f5f34fae41c7ea49

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.cookielaw.org/consent/8f8704d2-8807-494e-91c9-b7af072efb26/8f8704d2-8807-494e-91c9-b7af072efb26.json

104.16.148.64

200 OK

1.4 kB

URL HTTP/2
cdn.cookielaw.org/consent/8f8704d2-8807-494e-91c9-b7af072efb26/8f8704d2-8807-494e-91c9-b7af072efb26.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (3104), with no line terminators
Size
1.4 kB (1354 bytes)
Hash
e3e32254fcf78161da0a3de49afcba5f
067671a81268884c7c40a8c4d35d4fe3900f9644
ca68e018d2ebe02464208fdff5e901c65de58d6a4cedbdcb472941e9f20bee78

HTTP Headers

GET /consent/8f8704d2-8807-494e-91c9-b7af072efb26/8f8704d2-8807-494e-91c9-b7af072efb26.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exness.uk
Connection: keep-alive
Referer: https://www.exness.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:56:44 GMT
content-type: application/x-javascript
content-length: 1354
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: 4+MiVPz3gWHaCj3kmvy6Xw==
last-modified: Wed, 18 May 2022 01:26:36 GMT
etag: 0x8DA386D73ADEB53
x-ms-request-id: 8e3e44da-301e-0038-3f66-6a99bf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2070
expires: Wed, 14 Sep 2022 23:56:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74abb0070b331c06-OSL
X-Firefox-Spdy: h2

unpkg.com/pwacompat

104.16.125.175

302 Found

3.5 kB

URL HTTP/2
unpkg.com/pwacompat
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
3.5 kB (3487 bytes)
Hash
435ea1bae3f3fc8d1efdd7933160d6f6
0fd7008979c8fbe979d3011014f2595eb3cf02d6
36a4c13bee6be65e08cb08a94d34c4438bebb77a122f6d5ec0614fb743693a50

HTTP Headers

GET /pwacompat HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exness.uk
Connection: keep-alive
Referer: https://www.exness.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 14 Sep 2022 19:56:43 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /pwacompat@2.0.17
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GCYS4G26BDHZPZ736BPAR26R-ams
cf-cache-status: HIT
age: 65
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74abb0061f690b39-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

104.16.148.64

200 OK

76 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65455)
Size
76 kB (75930 bytes)
Hash
523e98a35ea92fd6e6d32d6728a8c98e
e0951a7bfa0700679aa41a03394286723e697d93
a746202b022948dfc0461cf24b3be5b01d0c08b924b23545f3cba6e2d15b41a9

HTTP Headers

GET /scripttemplates/6.22.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:56:44 GMT
content-type: application/javascript
content-length: 75930
content-encoding: gzip
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
last-modified: Thu, 19 Aug 2021 02:39:18 GMT
etag: 0x8D962BA8ADAEF03
x-ms-request-id: 18163f5d-b01e-0083-086c-c4784b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 28583339
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74abb0076b1bb515-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

142.250.74.10

200 OK

51 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
51 kB (51238 bytes)
Hash
82d56b3065c20b094178960979f3c9c2
e4bdaa54166fdd5a96364005567fd457164cdb59
317412b10ae90c77cc84a5d65a7a76e48ef0cad7f8b6fcc4360ded4bffd7e464

HTTP Headers

GET /css?family=Roboto:400,500,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 19:56:43 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.exness.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 1356
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 19:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 19:37:01 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: i6ELA4angAWASr1Fj1ht6jRy7i9mKtzRV42yYfe8hNEOTZ8EVyZsHQ==
Age: 3202

www.exness.uk/icons/icon-512x512.png?v=b474837a95da9ba4361183564c5d180e

45.60.78.64

200 OK

27 kB

URL HTTP/2
www.exness.uk/icons/icon-512x512.png?v=b474837a95da9ba4361183564c5d180e
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (26712 bytes)
Hash
873c9d477160f023b96935a42cbe1b9d
2548af0afd95326b592f2c5691bfdbec6b34a18f
29bfcc236697e92eb74f16ca38c0d18fc911e2f49152d6ef79d92eea0c5fa337

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /icons/icon-512x512.png?v=b474837a95da9ba4361183564c5d180e HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: "6316058d-6e99"
last-modified: Mon, 05 Sep 2022 14:19:57 GMT
content-type: image/png
content-length: 26712
cache-control: max-age=31416, public
expires: Thu, 15 Sep 2022 04:40:19 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-12074626 2CNN RT(1663185403126 490) q(0 0 0 -1) r(0 0)
X-Firefox-Spdy: h2

www.exness.uk/favicon-32x32.png?v=b474837a95da9ba4361183564c5d180e

45.60.78.64

200 OK

1.5 kB

URL HTTP/2
www.exness.uk/favicon-32x32.png?v=b474837a95da9ba4361183564c5d180e
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1535 bytes)
Hash
02f0db74dac5e0b417763513f0299f99
4fd218c117ba80c07525534f004fb5e71061f6fe
49ffe637116fd9a3bd5b458bfa98713efa868322b509f026fbe2c64e73fd3a22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /favicon-32x32.png?v=b474837a95da9ba4361183564c5d180e HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: "6316058d-620"
last-modified: Mon, 05 Sep 2022 14:19:57 GMT
content-type: image/png
content-length: 1535
cache-control: max-age=2449, public
expires: Wed, 14 Sep 2022 20:37:32 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-0 0CNN RT(1663185403126 493) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.cookielaw.org/consent/8f8704d2-8807-494e-91c9-b7af072efb26/523a24ee-dcb0-4350-89bf-0a9487eff332/en.json

104.16.148.64

200 OK

7.6 kB

URL HTTP/2
cdn.cookielaw.org/consent/8f8704d2-8807-494e-91c9-b7af072efb26/523a24ee-dcb0-4350-89bf-0a9487eff332/en.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (28512), with no line terminators
Size
7.6 kB (7627 bytes)
Hash
4f7e5b8a33000e624fcf9a8b5b5cb4f0
a41d671b5396de132e71d3b6cf15337e5e2373de
4f0e4f8d4488ea194897d428fe4a61c411f6cf1eb5f4e506426f8f7cbd76bd9a

HTTP Headers

GET /consent/8f8704d2-8807-494e-91c9-b7af072efb26/523a24ee-dcb0-4350-89bf-0a9487eff332/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.exness.uk/
Origin: https://www.exness.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:56:44 GMT
content-type: application/x-javascript
content-length: 7627
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: T35bijMADmJPz5qLW1y08A==
last-modified: Wed, 18 May 2022 01:26:37 GMT
etag: 0x8DA386D740F377A
x-ms-request-id: 7a8e0de1-301e-00ff-2a66-6ae57e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2069
expires: Wed, 14 Sep 2022 23:56:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74abb0087d261c06-OSL
X-Firefox-Spdy: h2

www.exness.uk/manifest.webmanifest

45.60.78.64

200 OK

911 B

URL HTTP/2
www.exness.uk/manifest.webmanifest
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
JSON data\012- , ASCII text, with very long lines (911), with no line terminators
Size
911 B (911 bytes)
Hash
b104a686439846f75ac3e9acec2843b7
f38d4abd2b2f939279c3f48bdfd093b70a455174
dd558ab16c2a084344c3e65147255fd9e4c8293bdcebaa70884d327fca82583a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /manifest.webmanifest HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:56:44 GMT
content-type: application/octet-stream
content-length: 911
last-modified: Mon, 05 Sep 2022 14:19:57 GMT
etag: "6316058d-38f"
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-cdn: Imperva
x-iinfo: 12-12075792-12070795 pNNN RT(1663185403126 605) q(0 0 0 -1) r(0 0) U12
X-Firefox-Spdy: h2

www.exness.uk/page-data/app-data.json

45.60.78.64

200 OK

70 B

URL HTTP/2
www.exness.uk/page-data/app-data.json
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
JSON data\012- , ASCII text
Size
70 B (70 bytes)
Hash
78f55930817238cabcb09603535fefd4
9d583d53136f52d20185ef998f3bc37d4efd213b
e360b983c7bb80729a78205035bc88bdbfeac829fac1db2ec94340c88a693d72

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/app-data.json HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: W/"631605c0-32"
last-modified: Mon, 05 Sep 2022 14:20:48 GMT
content-type: application/json
content-length: 70
content-encoding: gzip
cache-control: max-age=60, public
expires: Wed, 14 Sep 2022 19:57:43 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-12075805 2VNN RT(1663185403126 557) q(0 0 0 -1) r(0 1)
X-Firefox-Spdy: h2

www.exness.uk/page-data/404/page-data.json

45.60.78.64

200 OK

3.0 kB

URL HTTP/2
www.exness.uk/page-data/404/page-data.json
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
ASCII text, with very long lines (9705), with no line terminators
Size
3.0 kB (3033 bytes)
Hash
c9cdcd988b941331aba4fdad8bca46f4
3dfab0e92f2dba9c0db8bb78373abf570b3bfb61
6f1c3e8df9b8bfc2c0c4e9e951036dce6f95c5b9f83739fc219e7b450c6966e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/404/page-data.json HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: W/"631605c0-25e9"
last-modified: Mon, 05 Sep 2022 14:20:48 GMT
content-type: application/json
content-length: 3033
content-encoding: gzip
cache-control: max-age=60, public
expires: Wed, 14 Sep 2022 19:57:43 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-12075807 2VNN RT(1663185403126 560) q(0 0 0 -1) r(0 1)
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json

104.16.148.64

200 OK

3.0 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (10843)
Size
3.0 kB (2950 bytes)
Hash
792fef665863081a7642f10bc7b22b49
f30de5899ad8675a26c5a1688c543e7044bce0ab
af415b02ce1afa491d86bd1fafa2416302d69906ded37715ca425b6778cd7d9c

HTTP Headers

GET /scripttemplates/6.22.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.exness.uk/
Origin: https://www.exness.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:56:44 GMT
content-type: application/json
content-length: 2950
content-encoding: gzip
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
etag: 0x8D962BA867F281F
x-ms-request-id: 60b1c243-501e-014a-3f44-caaed4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2069
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74abb0090df81c06-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.22.0/assets/v2/otPcCenter.json

104.16.148.64

200 OK

11 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.22.0/assets/v2/otPcCenter.json
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (37295)
Size
11 kB (11387 bytes)
Hash
18547e97b06ab94df47f203505e4250f
c3fb390706da22139963e285865cf4af77e374cf
35c3b153e612b2809fd668d85c67b873887773d1c13d8cb4f796544c0f7a4141

HTTP Headers

GET /scripttemplates/6.22.0/assets/v2/otPcCenter.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.exness.uk/
Origin: https://www.exness.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:56:44 GMT
content-type: application/json
content-length: 11387
content-encoding: gzip
content-md5: GFR+l7BquU30fyA1BeQlDw==
last-modified: Thu, 19 Aug 2021 02:39:12 GMT
etag: 0x8D962BA87864242
x-ms-request-id: 3f572759-901e-0058-386f-c4dc9d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2069
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74abb0090dfb1c06-OSL
X-Firefox-Spdy: h2

www.exness.uk/component---src-templates-page-error-js-b21a3a2161433d85a999.js

45.60.78.64

200 OK

832 B

URL HTTP/2
www.exness.uk/component---src-templates-page-error-js-b21a3a2161433d85a999.js
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
ASCII text, with very long lines (1787), with no line terminators
Size
832 B (832 bytes)
Hash
f0ff3c6598148a20f1a9bf3af2ceced7
55216150ea1178b0c0cedb738fb50736a94502e9
11a35e1179485bf406be7ffdc74842b982b36a96576653a7e69281bb499b219c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /component---src-templates-page-error-js-b21a3a2161433d85a999.js HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==; OptanonConsent=isIABGlobal=false&datestamp=Wed+Sep+14+2022+19%3A56%3A29+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&hosts=&landingPath=https%3A%2F%2Fwww.exness.uk%2Fintl%2Fth%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: "631605ab-6fb"
last-modified: Mon, 05 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 832
content-encoding: gzip
cache-control: max-age=30742748, public
expires: Tue, 05 Sep 2023 15:35:51 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-0 0CNN RT(1663185403126 708) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3ac56507d17ffff5e8b486406985d68
17d26336cd8ea65af3f23db166945f1b3fbbfbab
e7e321340eed681c1269f715b0214e1511d5762fffbe930e7c157b800afa9a39

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5950
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:44 GMT
Last-Modified: Wed, 14 Sep 2022 18:17:34 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

www.exness.uk/page-data/sq/d/1067236220.json

45.60.78.64

200 OK

71 B

URL HTTP/2
www.exness.uk/page-data/sq/d/1067236220.json
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
JSON data\012- , ASCII text, with no line terminators
Size
71 B (71 bytes)
Hash
a35c94843e13c91273829da5b0642212
4b4bae0b8197f29f5ebb7837a095c7621c6ea33e
849b229864b5dcf94188cb2608ba802277686bb5c8698c4e3cfd054fe020889a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/sq/d/1067236220.json HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==; OptanonConsent=isIABGlobal=false&datestamp=Wed+Sep+14+2022+19%3A56%3A29+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&hosts=&landingPath=https%3A%2F%2Fwww.exness.uk%2Fintl%2Fth%2F
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: W/"631605c0-35"
last-modified: Mon, 05 Sep 2022 14:20:48 GMT
content-type: application/json
content-length: 71
content-encoding: gzip
cache-control: max-age=60, public
expires: Wed, 14 Sep 2022 19:57:43 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-12075807 2VNN RT(1663185403126 710) q(0 0 0 -1) r(0 0)
X-Firefox-Spdy: h2

www.exness.uk/page-data/sq/d/3137483302.json

45.60.78.64

200 OK

71 B

URL HTTP/2
www.exness.uk/page-data/sq/d/3137483302.json
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
JSON data\012- , ASCII text, with no line terminators
Size
71 B (71 bytes)
Hash
a35c94843e13c91273829da5b0642212
4b4bae0b8197f29f5ebb7837a095c7621c6ea33e
849b229864b5dcf94188cb2608ba802277686bb5c8698c4e3cfd054fe020889a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/sq/d/3137483302.json HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==; OptanonConsent=isIABGlobal=false&datestamp=Wed+Sep+14+2022+19%3A56%3A29+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&hosts=&landingPath=https%3A%2F%2Fwww.exness.uk%2Fintl%2Fth%2F
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: W/"631605c0-35"
last-modified: Mon, 05 Sep 2022 14:20:48 GMT
content-type: application/json
content-length: 71
content-encoding: gzip
cache-control: max-age=60, public
expires: Wed, 14 Sep 2022 19:57:43 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-12075805 2VNN RT(1663185403126 711) q(0 0 0 -1) r(0 0)
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.exness.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 1356
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.exness.uk/page-data/sq/d/3672685860.json

45.60.78.64

200 OK

95 B

URL HTTP/2
www.exness.uk/page-data/sq/d/3672685860.json
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
JSON data\012- , ASCII text, with no line terminators
Size
95 B (95 bytes)
Hash
cf5bda543c5d508a371d06335e6bcd4c
d606514e8b608ccbe87642c807bf112586ccc65a
1faf27cb2552dd5e842133812b4f569c16c3f1e583264e440b37efef28ef8783

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/sq/d/3672685860.json HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==; OptanonConsent=isIABGlobal=false&datestamp=Wed+Sep+14+2022+19%3A56%3A29+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&hosts=&landingPath=https%3A%2F%2Fwww.exness.uk%2Fintl%2Fth%2F
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: W/"631605c0-5e"
last-modified: Mon, 05 Sep 2022 14:20:48 GMT
content-type: application/json
content-length: 95
content-encoding: gzip
cache-control: max-age=60, public
expires: Wed, 14 Sep 2022 19:57:43 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-12074867 2VNN RT(1663185403126 712) q(0 0 0 -1) r(1 1)
X-Firefox-Spdy: h2

www.exness.uk/icons/icon-48x48.png?v=b474837a95da9ba4361183564c5d180e

45.60.78.64

200 OK

2.5 kB

URL HTTP/2
www.exness.uk/icons/icon-48x48.png?v=b474837a95da9ba4361183564c5d180e
IP
45.60.78.64:0
ASN
#19551 INCAPSULA

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2465 bytes)
Hash
aaa07f97e4018c4d005ac7e98eadcbe1
4e1e6861a996d1d0c818cc437b0145ea16c5d913
f3c8d472636a64be78e0fb2719a3e6d71e6f75789bd37ac62a37f29d672e51f1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /icons/icon-48x48.png?v=b474837a95da9ba4361183564c5d180e HTTP/1.1
Host: www.exness.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/intl/th/
Cookie: language=en; nlbi_1243376=MR6eFv2zWlMcQ1IAhB7R3QAAAAAFqxq0JcATRHFrsbdqYfgV; visid_incap_1243376=lHe1yYWNRJeH0ypxMCLhEfsxImMAAAAAQUIPAAAAAADzI6D8wQH92m8pRNsG5j4q; incap_ses_276_1243376=Qac9fRMGoTZ7ivMJDI3UA/sxImMAAAAAJzjlcjvwX4Sjz1zy1Am9dA==; OptanonConsent=isIABGlobal=false&datestamp=Wed+Sep+14+2022+19%3A56%3A30+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&hosts=&landingPath=https%3A%2F%2Fwww.exness.uk%2Fintl%2Fth%2F&groups=C0002%3A0%2CC0001%3A1%2CC0003%3A0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
etag: "6316058d-9c8"
last-modified: Mon, 05 Sep 2022 14:19:57 GMT
content-type: image/png
content-length: 2465
cache-control: max-age=21219, public
expires: Thu, 15 Sep 2022 01:50:22 GMT
date: Wed, 14 Sep 2022 19:56:43 GMT
x-cdn: Imperva
x-iinfo: 12-12075792-0 0CNN RT(1663185403126 836) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 14 Sep 2022 18:41:12 GMT
expires: Wed, 14 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 4532
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

100.20.30.105

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
100.20.30.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FbV6pqyEdtuJKuRkCoYHbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: w7856xTcJUfycQ8KoqzeHBYVCeA=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
20620ba615dba1de34528390492c3f53
2ca43d3a828682e10eb7638972b79b7136395e2b
12cf30cf1de58b4bab8af4a5d159b42909c554ae7b34e6f7361d9a49f1e861b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-93099055-1&cid=754756824.1663185390&jid=1427180200&gjid=1074854977&_gid=1577723349.1663185390&_u=YGBAgAABAAAAAE~&z=393047721

142.251.1.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-93099055-1&cid=754756824.1663185390&jid=1427180200&gjid=1074854977&_gid=1577723349.1663185390&_u=YGBAgAABAAAAAE~&z=393047721
IP
142.251.1.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-93099055-1&cid=754756824.1663185390&jid=1427180200&gjid=1074854977&_gid=1577723349.1663185390&_u=YGBAgAABAAAAAE~&z=393047721 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.exness.uk
Connection: keep-alive
Referer: https://www.exness.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.exness.uk
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Sep 2022 19:56:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
44f0a31315e135bb54b234a3d456b9b0
865896180a4d850d3f077e1480668a93c22b42cb
24c15ff63eb19b697f36f982d4c14df71eaf5d55ec9259a39e5a9f75fe49609e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a8b2bb270d78a6dddeb5b7fa01bd896c
eee28c4dd10c090f100c6ed383392b67d9fb9200
5c929c1a5e85ed508916eda62cccedb3ef1a5f407468596fa2726c476e2a9340

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78f8bae58862d8be3437cfe9e927011d
fb01a9cfd346f2c9b7694276c72a76e213887b06
389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-93099055-1&cid=754756824.1663185390&jid=1427180200&_u=YGBAgAABAAAAAE~&z=1972435246

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-93099055-1&cid=754756824.1663185390&jid=1427180200&_u=YGBAgAABAAAAAE~&z=1972435246
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-93099055-1&cid=754756824.1663185390&jid=1427180200&_u=YGBAgAABAAAAAE~&z=1972435246 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 19:56:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-93099055-1&cid=754756824.1663185390&jid=1427180200&_u=YGBAgAABAAAAAE~&z=1972435246

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-93099055-1&cid=754756824.1663185390&jid=1427180200&_u=YGBAgAABAAAAAE~&z=1972435246
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-93099055-1&cid=754756824.1663185390&jid=1427180200&_u=YGBAgAABAAAAAE~&z=1972435246 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exness.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 19:56:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a8b2bb270d78a6dddeb5b7fa01bd896c
eee28c4dd10c090f100c6ed383392b67d9fb9200
5c929c1a5e85ed508916eda62cccedb3ef1a5f407468596fa2726c476e2a9340

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4893
Expires: Wed, 14 Sep 2022 21:18:18 GMT
Date: Wed, 14 Sep 2022 19:56:45 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4893
Expires: Wed, 14 Sep 2022 21:18:18 GMT
Date: Wed, 14 Sep 2022 19:56:45 GMT
Connection: keep-alive

unpkg.com/pwacompat@2.0.17

104.16.125.175

302 Found

10 kB

URL HTTP/2
unpkg.com/pwacompat@2.0.17
IP
104.16.125.175:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
10 kB (10422 bytes)
Hash
9e8df58880fa4501705d4cdfb8f5f4c2
028e82d17e117973a900620f3b1a7398bb56f61a
bdbaabed1fc36de71f29f09e1b370450486b878b1dbd13aa1409cbed4c3b11b7

HTTP Headers

GET /pwacompat@2.0.17 HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exness.uk
Referer: https://www.exness.uk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
date: Wed, 14 Sep 2022 19:56:43 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
location: /pwacompat@2.0.17/pwacompat.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01G4XKWX33QFXTA5NC3NSAW46S-fra
cf-cache-status: HIT
age: 8629148
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74abb0063f8d0b39-OSL
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15547 bytes)
Hash
56811a1a20a467464e1f3da171ef8b14
366b2090d409d694b72b4b4131df46dd65d69c5a
4c208fb88884166adf4ecc5882f75948b4a87d85c76ad6e7137e8edbd125c996

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2b71bb0-fd92-43d0-8cd0-b426d0b88ee8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15547
x-amzn-requestid: a78f7d90-84c3-4198-88bf-1d722c37f09f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EUDoAMF13A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-49535e5525606250306488ba;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CWzE6n2U7hSFcSIHX5z76DPIid9pvbOqM6ikOlegBxzbuRThMeLKZA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:46:14 GMT
etag: "366b2090d409d694b72b4b4131df46dd65d69c5a"
content-type: image/jpeg
age: 79831
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10138 bytes)
Hash
0789404fdbe3613d465d8fa89a63d7b8
0617d2e513097ca415a1d07cd39b1cb64d832ecf
80e55e383f354113c3694bbcc00fd1c544a97079bd3c462f1b90e952c0634bac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8cb650f7-1b0f-4a3d-898f-97b846afe9db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: bdf798d9-6729-4363-a900-f32c4041d0c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsGZ-oAMFQ1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-7b146c0620a83d5c00446f87;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OM9K72ukk0cuyR1ZcV5xWXnEd8U9OgeQi7bkCe0Pzn3BfdLMvSdSXg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 03:09:32 GMT
age: 60433
etag: "0617d2e513097ca415a1d07cd39b1cb64d832ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6078 bytes)
Hash
f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:05:07 GMT
age: 78698
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5988 bytes)
Hash
f5befd5bb8e6d5dad2465be69d5a33e4
e5b46c3ca439a09950290cada1af5e27cede10f2
4dc0a3373fb4c1830c4e2420dddbcbe8dceecf10e969cbe8d02368e41207832c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34a3d36b-806f-4fea-a370-b26c1e8473d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5988
x-amzn-requestid: a0d81c7a-14e3-443d-8fb7-19241f06d3c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yaux0H77IAMF2_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f80b-0fe6fbbe75e891b925f88dc2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3PbHWkNMa0XkuY_FcTO22i9YwMdqlJPCho7FlBwdbuUnbWrOv0w5Hg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:59:03 GMT
age: 79062
etag: "e5b46c3ca439a09950290cada1af5e27cede10f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14151 bytes)
Hash
fef8234ab83f6f8f8b29665f592cbc9f
a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7
569c8c9736026fc310e148d4d74081e96a86245baaa1f784280d44a1cbd25ed0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16b1b829-b672-479c-964a-2f636f65f91e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14151
x-amzn-requestid: d5bc9be4-af3a-40fd-bfc9-1ac4769d2d3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4GhboAMF2dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-375df72d2d67582635b9e4ae;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CZRpgjU_AxNYoyeSTOwhJhONl2DS4pvCLJ62RgAFp0flw-kPz3GkpQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:06:54 GMT
etag: "a3e706d6309e4a9d7b293f2b9255f1550ba5e9b7"
content-type: image/jpeg
age: 78591
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css

104.16.148.64

200 OK

0 B

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css
IP
104.16.148.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripttemplates/6.22.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.exness.uk/
Origin: https://www.exness.uk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 14 Sep 2022 19:56:44 GMT
content-type: text/css
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
last-modified: Thu, 19 Aug 2021 02:39:24 GMT
x-ms-request-id: 5c82fd4b-d01e-0150-766f-c481bb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 2069
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 74abb0090dfd1c06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations