r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9086
Expires: Sat, 04 Feb 2023 09:46:06 GMT
Date: Sat, 04 Feb 2023 07:14:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f506626b3a9a43de2be4febe042f1af6
1b10bfac9b0447184efde4dc55c351fc771c0f8d
b2cf89da9ff93d3399961f3c9fa7e7b0d65baa90034a1c9b26f459597a0afaeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2CF89DA9FF93D3399961F3C9FA7E7B0D65BAA90034A1C9B26F459597A0AFAEB"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13593
Expires: Sat, 04 Feb 2023 11:01:13 GMT
Date: Sat, 04 Feb 2023 07:14:40 GMT
Connection: keep-alive
exim.ws/
301 Moved Permanently 224 B IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8b18fbb65343135b432ec151deb5e0d5
0112a792321dc52bdee45dc1cf2f19da03ed016b
08b314a2b23d78416f5264ef66ed0ed13cfe22205e5a97a73ad6ad4b2a9a2463
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 07:14:39 GMT
Server: Apache
Location: https://exim.ws/
Content-Length: 224
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
200 OK 45 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 0cdfed543fb57a2fa88d6017998d4f7a
885f8dd08fb29103462b61e1a449378a92014986
02eed9afdc1a2e5595f5f4f319b7cc31e1afa2ee4b6e65ce80ed22b6551668c6
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: UMEUjm_QFuidA8gJUDjwsMhqEgE28WTqXACzUMe-N4FBVZacNzqb7Q==
content-encoding: gzip
via: 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 07:07:15 GMT
content-type: application/json
content-length: 44676
age: 445
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8743
Expires: Sat, 04 Feb 2023 09:40:23 GMT
Date: Sat, 04 Feb 2023 07:14:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nnUZLa38D175ozH3EuTALLMNzbT9k9fVA4FTco0WI02hdYCytZbDIWrnyKoa3ovZVei/r9ezWAU=
x-amz-request-id: 0D8S7RHKW8J7F6YY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 06:52:44 GMT
age: 1316
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6915
Expires: Sat, 04 Feb 2023 09:09:55 GMT
Date: Sat, 04 Feb 2023 07:14:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 06:43:36 GMT
content-type: application/json
age: 1864
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 07:14:40 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 07:07:19 GMT
age: 442
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
exim.ws/
301 Moved Permanently 227 B IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2112abbef91c3ba8f0ce44e3e8f3ea5e
aa408effe86952cff4e31e7fbd83efd819b7e440
9a010caf0c7bb94efc6dd384ccb004c6f923b3fcb1ea3d3c5b31f7f7a11d437a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 07:14:40 GMT
Server: Apache
Location: http://www.exim.ws/
Content-Length: 227
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7671
Expires: Sat, 04 Feb 2023 09:22:32 GMT
Date: Sat, 04 Feb 2023 07:14:41 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oAI7l5xX3acufrRXnW8llQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gOlnliTk+4xkL/PkAETKs4OWLFk=
www.exim.ws/
301 Moved Permanently 228 B IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash accef9911671695b02b3ab68b44aaf40
bbc17d47acff7ff39823547fb1df878731c7d287
866b9de081088bdda2160fb3652b54333455edf4e242ca35d3066b318b0d8642
Analyzer Verdict Alert urlquery suspicious Suspicious - Suspicious JS code
urlquery suspicious Suspicious - Suspicious JS code
fortinet Malware
GET / HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 07:14:41 GMT
Server: Apache
Location: https://www.exim.ws/
Content-Length: 228
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:14:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:14:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:14:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8339
Expires: Sat, 04 Feb 2023 09:33:41 GMT
Date: Sat, 04 Feb 2023 07:14:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 33998
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 32203
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 32649
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 24839
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 32650
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 32472
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 07:14:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.exim.ws/
206 Partial Content 25 kB IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1100)
Hash 4a6d28f200ae08b8a88b0def1832a4a0
e46fc66f1bd9552bf066e4e954db8d641fda3b3d
d7e52b9e5e32ffa4238c2dde30189dacac461a4ccc642488d9b26c9078a6ba20
Analyzer Verdict Alert urlquery suspicious Suspicious - Suspicious JS code
urlquery suspicious Suspicious - Suspicious JS code
fortinet Malware
GET / HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Range: bytes=47948-
If-Range: Mon, 30 Jan 2023 01:47:38 GMT
HTTP/1.1 206 Partial Content
Date: Sat, 04 Feb 2023 07:14:42 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 01:47:38 GMT
Accept-Ranges: bytes
Content-Length: 25363
Content-Range: bytes 47948-73310/73311
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 07:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/ga-lite/latest/ga-lite.min.js
200 OK 682 B URL HTTP/2 cdn.jsdelivr.net/ga-lite/latest/ga-lite.min.js
IP
File type ASCII text, with very long lines (506)
Hash 823a75432d86fea0db2d125349b95786
636ce289359b8562c8d24517a3696456f3b6910d
e06bc7038a96c2105d8bd73aa326a3585b2f2bab842b968c5abbafd2eb30163d
GET /ga-lite/latest/ga-lite.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"440-nxmVgtBpvRzTnpK1CdabJN/yS8A"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 07:14:44 GMT
age: 2160377
x-served-by: cache-fra-eddf8230103-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 682
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
Hash fb505e53d74f831be8b2ee8b732c8eb9
a2ae584f5dc371e426a3f780df2858049f27bca1
4414ef32b7d88aaca520a0f111c676add2823fc1706025d32e3c9bc2a292f3e0
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B804A0255FF373D7E461655F346A78EC771430BC"
Expires: Sat, 04 Feb 2023 18:00:00 GMT
Last-Modified: Sat, 04 Feb 2023 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 682
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79419c719d17b50f-OSL
www.exim.ws/ds.css
200 OK 24 kB IP
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 (with BOM) text, with very long lines (345)
Hash bd8b6a05be4a04a646ef746f403f3d5f
f2fbfc3828cc38ccfba54eacba8afc643ef76bd0
bc3a156bed77dc63f525afd7c98e3dfb300285f0ead9a692802de39dcb299e68
GET /ds.css HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2017 12:54:08 GMT
Accept-Ranges: bytes
Content-Length: 24399
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.exim.ws/js/menu.js
200 OK 155 B IP
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 (with BOM) text
Hash f87b393850fb52c929545ee58f031726
adbbdb6e575add048eb7c134016770974f6abefd
2700aadbe303dff275c2c96689a8d6b5da3e1ab8108114fc9c8aa53406354e86
Analyzer Verdict Alert fortinet Malware
GET /js/menu.js HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:23:16 GMT
Accept-Ranges: bytes
Content-Length: 155
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 07:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.exim.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 390123
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.exim.ws/js/main.min.js
200 OK 16 kB URL HTTP/1.1 www.exim.ws/js/main.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (15956), with no line terminators
Hash d60372f657191c383f323abd3ff721dc
c32834e08d81a9ae307045059194d3eca47b47f2
e50159fca2dc5a9298eded99fb7176b0db7d42b4df5dd11f53c3194371dd7b33
Analyzer Verdict Alert fortinet Malware
GET /js/main.min.js HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Thu, 01 Dec 2016 06:37:16 GMT
Accept-Ranges: bytes
Content-Length: 15956
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 07:14:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.exim.ws/contact-us/enquiry_form_validation.js
200 OK 4.8 kB URL HTTP/1.1 www.exim.ws/contact-us/enquiry_form_validation.js
IP
ASN #14061 DIGITALOCEAN-ASN
Hash 9fc29af0403bf99d3679a231c0f97b58
b95ebacd80d02ff55d84951798d193bf3b665f10
1ebd2f8cc58603b9e5e5afce88c28cc23e55e2e3684e06d4d488a3d652536d84
Analyzer Verdict Alert fortinet Malware
GET /contact-us/enquiry_form_validation.js HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Tue, 20 Dec 2016 10:38:36 GMT
Accept-Ranges: bytes
Content-Length: 4832
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.exim.ws/images/logo.png
200 OK 7.5 kB URL HTTP/1.1 www.exim.ws/images/logo.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 280 x 100, 8-bit colormap, non-interlaced\012- data
Hash ebd9cd9649fd637d2290d4ceb44ef768
4140af1232c18f14e81a0b84f724861c0c16198f
93781a35110d03c561f0295fb93019c1b0535d6af8d5b449c94d3d1611cf47b7
GET /images/logo.png HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:19:06 GMT
Accept-Ranges: bytes
Content-Length: 7459
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.exim.ws/js/bootstrap.min.js
200 OK 37 kB URL HTTP/1.1 www.exim.ws/js/bootstrap.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32003)
Hash c5b5b2fa19bd66ff23211d9f844e0131
791aa054a026bddc0de92bad6cf7a1c6e73713d5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Analyzer Verdict Alert fortinet Malware
GET /js/bootstrap.min.js HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:22:25 GMT
Accept-Ranges: bytes
Content-Length: 36868
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.exim.ws/images/pdf.png
200 OK 1.0 kB URL HTTP/1.1 www.exim.ws/images/pdf.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 37 x 35, 8-bit colormap, non-interlaced\012- data
Hash 9e1d8410e46610436424a97e6b82811c
4fb964731bbeb62d449ab863b7215c7eb87373a8
3fa4679375a861213140901977cf5c3759c24f588144b2bd75059198ffb17308
GET /images/pdf.png HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:19:25 GMT
Accept-Ranges: bytes
Content-Length: 1038
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.exim.ws/slider/js/jquery.themepunch.revolution.min.js
200 OK 113 kB URL HTTP/1.1 www.exim.ws/slider/js/jquery.themepunch.revolution.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65205)
Size 113 kB (113138 bytes)
Hash 0801758f13b2e6ddcf5cb4d099da8c21
b5590446180084aae78c71f40fca4824a81a0aac
770f981d80f084f2d2271a8c751756449a11b5ccae8525459f6cb1d37ab89453
Analyzer Verdict Alert fortinet Malware
GET /slider/js/jquery.themepunch.revolution.min.js HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:26:09 GMT
Accept-Ranges: bytes
Content-Length: 113138
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.exim.ws/slider/js/jquery.themepunch.tools.min.js
200 OK 98 kB URL HTTP/1.1 www.exim.ws/slider/js/jquery.themepunch.tools.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (25522)
Hash ff2be50fbaaf60e26cd022218f639822
dc9889af0e3d11dc79521a8d7c231d7c39ffbfd6
bf47bc03c1c1ff93c041eb5a34e4c9471e4e64e0e0c672599f996fc7a972b119
Analyzer Verdict Alert fortinet Malware
GET /slider/js/jquery.themepunch.tools.min.js HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:26:08 GMT
Accept-Ranges: bytes
Content-Length: 98511
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.exim.ws/js/jquery.min.js
200 OK 96 kB URL HTTP/1.1 www.exim.ws/js/jquery.min.js
IP
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 (with BOM) text, with very long lines (32038)
Hash 5270a1b80f5312f923214a1c9cbf0cf4
a01627527d04bfdcc2d60cc37fa4d01e677b205e
c4a025dba3c4fec1529fa0d8a10606d8d9602db75cd314b1d5cc0a859cb666fe
Analyzer Verdict Alert fortinet Malware
GET /js/jquery.min.js HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:23:12 GMT
Accept-Ranges: bytes
Content-Length: 96000
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.exim.ws/images/sol-1.jpg
200 OK 26 kB URL HTTP/1.1 www.exim.ws/images/sol-1.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 228x228, components 3\012- data
Hash 63126b882236887962afb90be406d34b
5d4e835eb52a578b9dfce2649cf4bc203f6a3b8e
7e88b414244467775ede86df4f66a9dd1671828a766adc76bb26fc44e4f4c256
GET /images/sol-1.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:20:56 GMT
Accept-Ranges: bytes
Content-Length: 25682
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/images/sol-2.jpg
200 OK 25 kB URL HTTP/1.1 www.exim.ws/images/sol-2.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 228x228, components 3\012- data
Hash 4647fbc42083ee0cf7fe46a45b0dd33c
ea3481b29ae3c1a36e3ff4841b85135eb8d07c0f
beedc644207e0b2762901401e956faaa180f302192c628525296f30a66adfef1
GET /images/sol-2.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:21:01 GMT
Accept-Ranges: bytes
Content-Length: 25365
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/images/sol-4.jpg
200 OK 28 kB URL HTTP/1.1 www.exim.ws/images/sol-4.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 228x228, components 3\012- data
Hash b34bcd3a6b4bdbf6e53bbdf8798cbeeb
1eff0afab58dc08210b7dffdfb22c3410d862df8
42efd9ece8e8085932f05e7317f7ac4e87355542100575c3fed6e73bb1727079
GET /images/sol-4.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:21:07 GMT
Accept-Ranges: bytes
Content-Length: 27994
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/images/sol-3.jpg
200 OK 26 kB URL HTTP/1.1 www.exim.ws/images/sol-3.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 228x228, components 3\012- data
Hash 9c247e2fd152b36eaa0d1cb7cf0f7a1d
da592d56eaad3d3005e8fa1c6fb782fbda29beb7
8b3e1740f8cd7a3c8a23a47469954900211a2e433162912829ece9d12571d839
GET /images/sol-3.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:21:00 GMT
Accept-Ranges: bytes
Content-Length: 25962
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/slider/images/bg-2.jpg
200 OK 289 kB URL HTTP/1.1 www.exim.ws/slider/images/bg-2.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1450x770, components 3\012- data
Size 289 kB (289150 bytes)
Hash 1eda652e20d9ee85e1d79175d0c0be4a
013ef411d0386d1f86e67710d5f7842409b4230a
935953d1cc7a9465205916db2b91b93fb2f3f1ee3c08a9f95fcdd51ac3837a9f
GET /slider/images/bg-2.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:25:40 GMT
Accept-Ranges: bytes
Content-Length: 289150
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/slider/images/bg-4.jpg
200 OK 181 kB URL HTTP/1.1 www.exim.ws/slider/images/bg-4.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1450x770, components 3\012- data
Size 181 kB (181391 bytes)
Hash 3bf34e8a9c926d4b6b0cbdc18f802eb2
7e9f896ef118789874ed121abc0721cbcaeead5c
21de15d2f68828bc043b1f8aaf949118da415b5aeab25caafd3fd18e091a9eb3
GET /slider/images/bg-4.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:25:47 GMT
Accept-Ranges: bytes
Content-Length: 181391
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/css/main.min.css
200 OK 75 kB URL HTTP/1.1 www.exim.ws/css/main.min.css
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (20134)
Hash 4f3070c7bc46eed010eb01c0f7c827ae
6ffcb57516aceb87475819d78419a6461bc6902b
db742dc42871ee06f0d2ae36d2f52a775ff811e4b16bd0e01e4b49bc66bc1ff1
GET /css/main.min.css HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Mon, 05 Dec 2016 09:51:29 GMT
Accept-Ranges: bytes
Content-Length: 74803
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.exim.ws/css/menu.css
200 OK 4.9 kB IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (326)
Hash 3408abd95be5135df77ca1cd9c0457be
655bd01e69b55d927549144518fa9e1933d00fe7
f986fe0661fffda0366a6d3870f1c5ddee0b7bd2a31bfa2184622224efb74f2a
GET /css/menu.css HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Mon, 05 Dec 2016 12:11:19 GMT
Accept-Ranges: bytes
Content-Length: 4938
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.exim.ws/slider/css/style.css
200 OK 2.7 kB URL HTTP/1.1 www.exim.ws/slider/css/style.css
IP
ASN #14061 DIGITALOCEAN-ASN
Hash 8e1870b3f5e1429f381681c0f6cbefde
82dcb09ebca8b940140907c76f60a0a18c348da2
40c30972d0ecaed1e4f95495bf52317c5a6ec4af70ae7a85e1a8ca0cfc808cfc
GET /slider/css/style.css HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:24:55 GMT
Accept-Ranges: bytes
Content-Length: 2701
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.exim.ws/slider/images/bg-1.jpg
200 OK 214 kB URL HTTP/1.1 www.exim.ws/slider/images/bg-1.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1450x770, components 3\012- data
Size 214 kB (214046 bytes)
Hash abca42d72e396c828b91e055507c3efd
158ef863b790f36bce9a5fa64ebc5cbbd8aa2d26
a563e934d503201e077390139617b2920701d18289d42949afd7df2dc49fb30f
GET /slider/images/bg-1.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:25:31 GMT
Accept-Ranges: bytes
Content-Length: 214046
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/css/bootstrap.css
200 OK 126 kB URL HTTP/1.1 www.exim.ws/css/bootstrap.css
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (12045)
Size 126 kB (126477 bytes)
Hash df7d7aaa29e4c1a1688eb8440329cdd3
27fb01cda0c9860acc12c49c293030e73aab4c21
f0c131c54c3e1b40b52a5f963f79c64f061de68721a44311a691e193713469bf
GET /css/bootstrap.css HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 29 Mar 2017 12:52:31 GMT
Accept-Ranges: bytes
Content-Length: 126477
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.exim.ws/slider/css/settings.css
200 OK 59 kB URL HTTP/1.1 www.exim.ws/slider/css/settings.css
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (772)
Hash fdf5cc5e8f124bb97424b517b24e2a16
7ca88c43fb1c3ddcafd2ef6a189f5aefd63a7548
1c58362f7dfcebacc0b62d9a17961b6ca2bab584993accec3fbcb633268abe08
GET /slider/css/settings.css HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:24:55 GMT
Accept-Ranges: bytes
Content-Length: 59346
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.exim.ws/slider/css/extralayers.css
200 OK 26 kB URL HTTP/1.1 www.exim.ws/slider/css/extralayers.css
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (863)
Hash ce5b9bda5727c7fec5371629e34e652d
29f0dbe6ea0c2cac30a62dd29cc0b65dda32c330
1504ff6473533713a14e340768a2b07c1c1f6f68e1212e57aff368f6acc8b749
GET /slider/css/extralayers.css HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:24:48 GMT
Accept-Ranges: bytes
Content-Length: 26209
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.exim.ws/captcha/captcha.css
404 Not Found 8.0 kB URL HTTP/1.1 www.exim.ws/captcha/captcha.css
IP
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash a8345868d7869003b8adac67e88b2664
83c21d9c9692865c0b90a1a15a591f492364a830
71fac5ad1a7ea36af886eac8ae472819b3fc1ad130cfb29feb3cd7908f82bd1a
GET /captcha/captcha.css HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 07 Dec 2016 05:41:52 GMT
Accept-Ranges: bytes
Content-Length: 8006
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html
www.exim.ws/css/jquery.bxslider.css
200 OK 2.8 kB URL HTTP/1.1 www.exim.ws/css/jquery.bxslider.css
IP
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2754), with no line terminators
Hash fa6512991d32faa9cbf49e1d1db76d8f
3c4deac0092bad351853e49855ed86224ecf6425
ed8333ad59a07a91ba64f2dfc738018db86dd7bcb2a9578b51680b556b59a1f2
GET /css/jquery.bxslider.css HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:17:39 GMT
Accept-Ranges: bytes
Content-Length: 2754
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.exim.ws/slider/images/bg-3.jpg
200 OK 234 kB URL HTTP/1.1 www.exim.ws/slider/images/bg-3.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1450x770, components 3\012- data
Size 234 kB (234343 bytes)
Hash 5844d94ec365bbaefada9e0a9f1a793e
d0116c6cf88d5132ae9c616da1a5460a4b110e02
e33766317ab5450b3dfe89a53cc0620cc622255eac5d311e6d4d1a4170709731
GET /slider/images/bg-3.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:43 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:25:44 GMT
Accept-Ranges: bytes
Content-Length: 234343
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/images/automotive.gif
200 OK 4.8 kB URL HTTP/1.1 www.exim.ws/images/automotive.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 22050483bbb332ffdf2adf51f6115294
d8facf977b8ecb4367cfed06f9ee8e4a70443a9a
2f2672ae5c548f8f381d49f80ae5e25835645c6a55b4f31ad8d6484cac97cf8a
GET /images/automotive.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:18:07 GMT
Accept-Ranges: bytes
Content-Length: 4798
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/
200 OK 53 kB IP
ASN #14061 DIGITALOCEAN-ASN
Hash 6c4cdb96b355b66074208b77bb8c129f
cd5d1f9af0e29055ff851033db5b2d2677c19d5a
2e38114f585cbe37953be4f11cfdfcff7aa40b9ec37226b1301f5121d2c0a0b3
Analyzer Verdict Alert urlquery suspicious Suspicious - Suspicious JS code
urlquery suspicious Suspicious - Suspicious JS code
fortinet Malware
GET / HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:41 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 01:47:38 GMT
Accept-Ranges: bytes
Content-Length: 73311
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
www.exim.ws/fonts/fontawesome-webfont.woff2?v=4.6.3
200 OK 72 kB URL HTTP/1.1 www.exim.ws/fonts/fontawesome-webfont.woff2?v=4.6.3
IP
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Analyzer Verdict Alert fortinet Malware
GET /fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.exim.ws/css/main.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:26:32 GMT
Accept-Ranges: bytes
Content-Length: 71896
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
www.exim.ws/images/auto_compo.gif
200 OK 6.2 kB URL HTTP/1.1 www.exim.ws/images/auto_compo.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 3d2d71c46b646a35e6832975da3caa84
f261745e00746be190895c482f12542593be0392
944cea2511cb43c2ed1f768bcd0a609e30b4fc861405f50a9213c7277cafcc51
GET /images/auto_compo.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:18:07 GMT
Accept-Ranges: bytes
Content-Length: 6205
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/chemicals.gif
200 OK 4.8 kB URL HTTP/1.1 www.exim.ws/images/chemicals.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 030128250be55ddaa07fe6028d91a71b
8253e760ee6f82cec87e24d9675b99106ddeefea
1c9d472abed1991a63a88af571c557ef622fb9289e43faa931625b77509b7c77
GET /images/chemicals.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:18:13 GMT
Accept-Ranges: bytes
Content-Length: 4819
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/client-bg.jpg
200 OK 92 kB URL HTTP/1.1 www.exim.ws/images/client-bg.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1384x756, components 3\012- data
Hash 7ef74f4c92596dbbd36359a0168025ec
34d07acc9f7bb0adc60e489fd38d19644c39d97d
0d59c7c39bfcaeebc3ea2a661371f16825729822734dd0c5bc8f2308d295e434
GET /images/client-bg.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/ds.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:44 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:18:17 GMT
Accept-Ranges: bytes
Content-Length: 91748
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/images/construction.gif
200 OK 5.4 kB URL HTTP/1.1 www.exim.ws/images/construction.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash fa21c07e60df495e87f77da4ab6ae5fe
8f276e7c66c77299ca9aaa2a00fb49057bd544b6
197267a6fdcce6a7397bcb2060d3f55d299f40c7083bad699d7a5627fc6afa73
GET /images/construction.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:18:21 GMT
Accept-Ranges: bytes
Content-Length: 5413
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/electronic.gif
200 OK 5.1 kB URL HTTP/1.1 www.exim.ws/images/electronic.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 2f8e0a507240509e0f21abc053b03a2d
8d97c1221d13e964e60d1e6e5b98dfdee73e9750
7b46070ece1daf05e7aa5d0d27f206b5deb90a7bf0bc91219a6a45d9df476387
GET /images/electronic.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:18:34 GMT
Accept-Ranges: bytes
Content-Length: 5078
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/engineering.gif
200 OK 5.9 kB URL HTTP/1.1 www.exim.ws/images/engineering.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 942e6955e069a42f78552ccfce36a07f
7eb7027a89537feed0e345ed579d91126e57dc7d
34610e94a99c09d8d22d065c8589a2c3ecdd40ed769e8efbb3b5baebac5e020a
GET /images/engineering.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:18:40 GMT
Accept-Ranges: bytes
Content-Length: 5915
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/food_processing.gif
200 OK 5.6 kB URL HTTP/1.1 www.exim.ws/images/food_processing.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 03aeeffd131adc7588419b0cb83496ea
ef1ba449f9b906ab4756a75760d08894ae8f432b
511ebe854c0e0198ef91880c3cdd41d5ecf8808384f16cda6cea1d3741393eba
GET /images/food_processing.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:18:47 GMT
Accept-Ranges: bytes
Content-Length: 5646
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/healthcare.gif
200 OK 5.1 kB URL HTTP/1.1 www.exim.ws/images/healthcare.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 41537594882b4eb791e97a506478e04a
9afc4f2c615a4a00181092a426eb2586fb1d648b
1b52eb79a64cf78c9aa9d97ee15b00dd51fb688a3d3e3a5018b3247d5e7e906a
GET /images/healthcare.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:18:55 GMT
Accept-Ranges: bytes
Content-Length: 5143
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/manufacturing.gif
200 OK 5.1 kB URL HTTP/1.1 www.exim.ws/images/manufacturing.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash ee002e2be8e275dcc9adce8daf8f5183
989acc16dd5e5b4a52d44fca4b141268c58a2d6f
768c954dd188fec0f6dfa275920995b4e59ef72417474d1379d87b32831722c0
GET /images/manufacturing.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:19:09 GMT
Accept-Ranges: bytes
Content-Length: 5111
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/paper.gif
200 OK 6.8 kB URL HTTP/1.1 www.exim.ws/images/paper.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash d0c706710a53744bd5b02cf002196d3c
b9251abd63377513a68442b66664138b9e54f6de
d2e49e6266f74553e5e77474ddd741b5bb3969682c690980f85a7803549f4f05
GET /images/paper.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:19:27 GMT
Accept-Ranges: bytes
Content-Length: 6752
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/petroleum.gif
200 OK 4.1 kB URL HTTP/1.1 www.exim.ws/images/petroleum.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 4be7a21d463d3773f32c9ffd4cfeb39c
3f05b24a37aa1591630f4bf26d65e83109205813
ae2c9fb1c3acab5d0f64d5d1e0c2cbff4c601a810c7d55d5b08a712403989f18
GET /images/petroleum.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:19:29 GMT
Accept-Ranges: bytes
Content-Length: 4065
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/steel___metal.gif
200 OK 5.7 kB URL HTTP/1.1 www.exim.ws/images/steel___metal.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 2f70995231b99b33e2228d2ef9278c7f
589c2d9b72c6343e7b4db8bb2dc857503dfd4f75
6feed83b05f3f29fbd2acb8f7593d6bf622fb962baa893b617fade9108822c35
GET /images/steel___metal.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:21:12 GMT
Accept-Ranges: bytes
Content-Length: 5704
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/textile.gif
200 OK 5.6 kB URL HTTP/1.1 www.exim.ws/images/textile.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 0a65085b24a12d584e7229b9768c7ffa
b9e85973fbb40e043009119d5844c5507e8678dc
507efad080cdbe28f2819be9cfd819624e3425beaca8ace83aebca6879573d8e
GET /images/textile.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:21:12 GMT
Accept-Ranges: bytes
Content-Length: 5616
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/pharma.gif
200 OK 4.8 kB URL HTTP/1.1 www.exim.ws/images/pharma.gif
IP
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 179 x 128\012- data
Hash 39a00ebd9030c9d95506748103eaa19a
61e384ce0f337b1647d89503579a69a44bcaf8bf
b9cc4b1adbd2d5d39149152f2de44003ef5d7a9bf094162d29c2902aeaaf5512
GET /images/pharma.gif HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:19:32 GMT
Accept-Ranges: bytes
Content-Length: 4810
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
www.exim.ws/images/sol-5.jpg
200 OK 17 kB URL HTTP/1.1 www.exim.ws/images/sol-5.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 228x228, components 3\012- data
Hash 6aa4b9f130b256a561889134e1bc2b6b
bd51c78cd4bba53ff02f985234d67fcf40a37010
e53945f41d7e47186fe4919764d6ac9309ca94c468966e4a797f0e426ab887aa
GET /images/sol-5.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:21:06 GMT
Accept-Ranges: bytes
Content-Length: 17225
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/images/sol-6.jpg
200 OK 28 kB URL HTTP/1.1 www.exim.ws/images/sol-6.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 228x228, components 3\012- data
Hash bfe49e45e253710679c690ea1e81a40c
60d2bb1f57d7b80cf4957a025a2bd5f85ba2b138
03c3eb547f5d5ae19c87d25afff1fa8353389a6fb7a548be46ce55d974981d55
GET /images/sol-6.jpg HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:21:08 GMT
Accept-Ranges: bytes
Content-Length: 27915
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
www.exim.ws/slider/assets/timer.png
200 OK 125 B URL HTTP/1.1 www.exim.ws/slider/assets/timer.png
IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 1 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash ba593bd9fc9e07110f3dc74f728b3768
9620e53c9e0a5b5d55e15b23f556e2089e903fc1
a15348b049a18c85702dde38f379aa78d3809af8c07adcf25236c69b03f6f746
GET /slider/assets/timer.png HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/slider/css/settings.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:24:41 GMT
Accept-Ranges: bytes
Content-Length: 125
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
www.exim.ws/favicon.ico
200 OK 1.3 kB IP
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 610e340ee6eb413fa89ed0bc36a43e6d
263ba9e3144bf854bcb0e0b574cc88f10172ced9
3252f75b6025e3ae5bcdc617e9cf8f33fdecdcc218a4f23580141b58fbfec12d
GET /favicon.ico HTTP/1.1
Host: www.exim.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:14:45 GMT
Server: Apache
Last-Modified: Wed, 30 Nov 2016 13:17:02 GMT
Accept-Ranges: bytes
Content-Length: 1328
Cache-Control: max-age=2592000, public
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/x-icon
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 07:14:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?cid=0.41620738130424606.0.8997422968146509&v=1&tid=UA-88284211-1&dl=https%3A%2F%2Fwww.exim.ws%2F&ul=en-us&de=UTF-8&dt=Exim%20Transtrade%20(India)%20Pvt.%20Ltd.&sd=24-bit&sr=1002x1280&vp=1280x939&dr=&t=pageview&z=1675494921146
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?cid=0.41620738130424606.0.8997422968146509&v=1&tid=UA-88284211-1&dl=https%3A%2F%2Fwww.exim.ws%2F&ul=en-us&de=UTF-8&dt=Exim%20Transtrade%20(India)%20Pvt.%20Ltd.&sd=24-bit&sr=1002x1280&vp=1280x939&dr=&t=pageview&z=1675494921146
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST /collect?cid=0.41620738130424606.0.8997422968146509&v=1&tid=UA-88284211-1&dl=https%3A%2F%2Fwww.exim.ws%2F&ul=en-us&de=UTF-8&dt=Exim%20Transtrade%20(India)%20Pvt.%20Ltd.&sd=24-bit&sr=1002x1280&vp=1280x939&dr=&t=pageview&z=1675494921146 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.exim.ws
Connection: keep-alive
Referer: https://www.exim.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
access-control-allow-origin: https://www.exim.ws
date: Sat, 04 Feb 2023 07:14:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
access-control-allow-credentials: true
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 07:14:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F043bf414-ba77-4973-9779-d0c124ae0baf.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F043bf414-ba77-4973-9779-d0c124ae0baf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28099f5ad8a27e5a49a0d1c842486329
d47caba75b363a4c008e5a9a9d0b8e39d9fa4abd
1d798d35ceae594d86fa43aa0ef47b962c52bb1557e17dda9b294bd01f374b3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F043bf414-ba77-4973-9779-d0c124ae0baf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8352
x-amzn-requestid: 80032cef-14cd-4f56-9830-8c74891ed00f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEqQFDJIAMFspQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8174-6d3310287fc74bb27e9b038a;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:49:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fAgrJvhZVkG4PsCQPTpyr3pzjFm0KzcoiP6BmcGmecYdamwIMjHMng==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:01 GMT
age: 32688
etag: "d47caba75b363a4c008e5a9a9d0b8e39d9fa4abd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
162.243.134.178
104.18.21.226
23.36.76.226