firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 15 Oct 2022 01:50:00 GMT
Expires: Sat, 15 Oct 2022 02:50:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HePYMl6WvHgt318yHtIl8fOuZzqLAQ6oFwAUBwqS0IP9l017g5gYuw==
Age: 2923
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b424d8c01b211c56d5b44b92e4e4153
b1fdab18f23271eee58ae1482f8af25badc2ffda
1c82a5fd2bc3f16a66becb5e1924e8c9edd39386622dc2e5ed296442f4307b2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C82A5FD2BC3F16A66BECB5E1924E8C9EDD39386622DC2E5ED296442F4307B2B"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2410
Expires: Sat, 15 Oct 2022 03:18:53 GMT
Date: Sat, 15 Oct 2022 02:38:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bce7a9c1ff7500c4cfad5c3a3581a939
74b8dadf6ead0ce5d1d72e40a2eac554c5f5430c
6c840089371a0e25d60d0d76d6400348b0cdfb5967876c7b88e2b4a2aaf01a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C840089371A0E25D60D0D76D6400348B0CDFB5967876C7B88E2B4A2AAF01A03"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3874
Expires: Sat, 15 Oct 2022 03:43:17 GMT
Date: Sat, 15 Oct 2022 02:38:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7CBigC2smRDCxHHm/KQfpMGDJrzlLWfsrKI5cUdn7knOK6iXNjxAs8TT3aSYSSx5yyWu0Sw8YhY=
x-amz-request-id: 2E57ZPHQAP8AVEGX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 15 Oct 2022 02:34:27 GMT
age: 256
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:43 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 8093a59b9878ba704b1344ab551a5804
73e17d54f726242a042d7ffac48d4635988519e0
5e67d605eaa2b24f5c0e0ea8e952f76252acb6c7d02dcbeb3dce34890bcb5370
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 02:38:44 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 14 Oct 2022 00:38:40 GMT
Expires: Fri, 21 Oct 2022 00:38:39 GMT
Etag: "73e17d54f726242a042d7ffac48d4635988519e0"
Cache-Control: max-age=568065,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75a52e244ade0afe-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 15 Oct 2022 02:07:43 GMT
Expires: Sat, 15 Oct 2022 02:46:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tX-ZA1JJEuouv0q-SUUSU6kgULbAbvSUkR-WR7R0YSOpLXo6qLRi3g==
Age: 1861
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 90336661a2936bdb9efcc26998693b34
bee3b0e35ce901bff835d43a0f22eb0765ab8264
717bf09925581cc0668632ad10dfc2b714e77f9ba2c3852e8cf3ead552fde950
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2297
Cache-Control: max-age=108384
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:44 GMT
Etag: "6349189b-1d7"
Expires: Sun, 16 Oct 2022 08:45:08 GMT
Last-Modified: Fri, 14 Oct 2022 08:06:51 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d3a7a0d85121715a9a3590df07145cd8
7da0f8eba172ed91b10f292054a913b1b33da66d
e77042397dd2555f12bfd9ed17a663845ce9c657c852af3807c90581f91fbb90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d5ed407e919c07a9656b2b6e4079f9bb
f5302c72ba5d7622bba0e82a13102cbb09a0b834
bf93eb8a66d73c8b2425f3a16fc077959f0b7b41634821b852004d22fd213860
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.208.34.131 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /q0msQleWuh9P8+LXi9tUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nEeHu9SbM/jxrs1w3H3UeGlgcWM=
ocsp.comodoca.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 1a3961ab572716da57b50bff7c39e8d3
6bd0a8e0f93c2f77a72905b1cbd77f577201c90e
d5ba2ce3580e499efdce1ea83b72aeb8af556c6d5b4dcc8bb44ff312f7930394
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 02:38:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 22:48:18 GMT
Expires: Tue, 18 Oct 2022 22:48:17 GMT
Etag: "6bd0a8e0f93c2f77a72905b1cbd77f577201c90e"
Cache-Control: max-age=388637,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75a52e2d7f9cb500-OSL
ocsp.comodoca.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 1a3961ab572716da57b50bff7c39e8d3
6bd0a8e0f93c2f77a72905b1cbd77f577201c90e
d5ba2ce3580e499efdce1ea83b72aeb8af556c6d5b4dcc8bb44ff312f7930394
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 02:38:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 22:48:18 GMT
Expires: Tue, 18 Oct 2022 22:48:17 GMT
Etag: "6bd0a8e0f93c2f77a72905b1cbd77f577201c90e"
Cache-Control: max-age=388637,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75a52e2d7cc90b02-OSL
ocsp.comodoca.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 1a3961ab572716da57b50bff7c39e8d3
6bd0a8e0f93c2f77a72905b1cbd77f577201c90e
d5ba2ce3580e499efdce1ea83b72aeb8af556c6d5b4dcc8bb44ff312f7930394
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 02:38:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 22:48:18 GMT
Expires: Tue, 18 Oct 2022 22:48:17 GMT
Etag: "6bd0a8e0f93c2f77a72905b1cbd77f577201c90e"
Cache-Control: max-age=388637,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75a52e2d8ae2b521-OSL
ocsp.comodoca.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 1a3961ab572716da57b50bff7c39e8d3
6bd0a8e0f93c2f77a72905b1cbd77f577201c90e
d5ba2ce3580e499efdce1ea83b72aeb8af556c6d5b4dcc8bb44ff312f7930394
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 02:38:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 22:48:18 GMT
Expires: Tue, 18 Oct 2022 22:48:17 GMT
Etag: "6bd0a8e0f93c2f77a72905b1cbd77f577201c90e"
Cache-Control: max-age=388637,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75a52e2d9c9bb4ff-OSL
ocsp.comodoca.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 1a3961ab572716da57b50bff7c39e8d3
6bd0a8e0f93c2f77a72905b1cbd77f577201c90e
d5ba2ce3580e499efdce1ea83b72aeb8af556c6d5b4dcc8bb44ff312f7930394
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 15 Oct 2022 02:38:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 22:48:18 GMT
Expires: Tue, 18 Oct 2022 22:48:17 GMT
Etag: "6bd0a8e0f93c2f77a72905b1cbd77f577201c90e"
Cache-Control: max-age=388637,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75a52e2d6dac0afe-OSL
www.eplimo.ae/wp-content/themes/Eplimo/assets/css/plugins.css
103.212.121.180 200 OK 18 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/css/plugins.css
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (50617), with CRLF line terminators
Hash 259ff78d269efb058d594668c5ae86b9
a6f0cd24ea7834e1133816e6bb47ef6d0c7e3e14
24814a52d71e6af96354fe8308be1783ffa928f828af2aa28d53673eec581582
Analyzer / Verdict / Alert — quad9: Sinkholed
GET /wp-content/themes/Eplimo/assets/css/plugins.css HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: text/css
content-length: 18364
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Wed, 02 Dec 2020 10:57:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/main.js
103.212.121.180 200 OK 4.7 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/main.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Hash 344d803c13cf58c97108eb4c61e73f18
fb4cd4b9fa65fc0932e0a8f0d9e5f6479f8052ae
f0266e5fe818eeb97d7f1bda34c9d847411d4e3e09b566807a34227873b6adbf
Analyzer / Verdict / Alert — fortinet: Malware; quad9: Sinkholed
GET /wp-content/themes/Eplimo/assets/js/main.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: application/javascript
content-length: 4675
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/footer-reveal_init.js
103.212.121.180 200 OK 69 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/footer-reveal_init.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Hash 5bc4e2262451dd963f390be58e448183
6eaf995aca1dbb8e9bc26b9dd6cdeb3d178d61b7
05657c3b53dc356b06067cd6ef0af503cb8b0e387c3877abdbc8a060d0800311
Analyzer / Verdict / Alert — fortinet: Malware; quad9: Sinkholed
GET /wp-content/themes/Eplimo/assets/js/footer-reveal_init.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: application/javascript
content-length: 69
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particles_init.js
103.212.121.180 200 OK 499 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particles_init.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Hash fe4db7d9cf56e43d6bdbb6b75e87f54c
b0b683e7bafc57d522cc948cbee403388c8d932b
1b67501e56dbe689806945b33d5064d6a5d57bd2e7c4f7679c554f9fe8657835
Analyzer / Verdict / Alert — fortinet: Malware; quad9: Sinkholed
GET /wp-content/themes/Eplimo/assets/js/particles_init.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: application/javascript
content-length: 499
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/logo-black.png
103.212.121.180 200 OK 3.4 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/logo-black.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 741 x 114, 8-bit colormap, non-interlaced\012- data
Hash d68e0516af406cfe58f24ef943efd438
e030cff310a7e565672b6b74e1d9d57224891ca3
cb3c873b3254352eb69bc7b5a43955fdc44530016403228d75ff0bd50bb616bb
Analyzer / Verdict / Alert — quad9: Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/logo-black.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/png
content-length: 3413
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 02:33:28 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9915
Expires: Sat, 15 Oct 2022 05:24:00 GMT
Date: Sat, 15 Oct 2022 02:38:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9915
Expires: Sat, 15 Oct 2022 05:24:00 GMT
Date: Sat, 15 Oct 2022 02:38:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9915
Expires: Sat, 15 Oct 2022 05:24:00 GMT
Date: Sat, 15 Oct 2022 02:38:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9915
Expires: Sat, 15 Oct 2022 05:24:00 GMT
Date: Sat, 15 Oct 2022 02:38:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381d4399-366b-4b96-82f3-a169f67436ed.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381d4399-366b-4b96-82f3-a169f67436ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edc4bd5b0644d34cfa4777e12c7ca3bf
73a4d828dba62ec16a563ee419de3b22b34b2441
714d33f5df235af9e4ba86db83b15fe60f70097e6958db01049ff38996f94a3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381d4399-366b-4b96-82f3-a169f67436ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6541
x-amzn-requestid: f6ff9c7e-0481-414b-9d38-51324dba88bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aA6iGE8coAMFtYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6349d7a6-2a6cd8ed535fd76773cf1217;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 21:41:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jubXjj8GtWolu-AnmQ2EMEUvLuWBbUmX-F-kQXWcf6bXEgLxmk1uZQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:49:43 GMT
etag: "73a4d828dba62ec16a563ee419de3b22b34b2441"
content-type: image/jpeg
age: 17342
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbaa572d-617c-4469-acdb-becf07c450b8.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbaa572d-617c-4469-acdb-becf07c450b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce54806e476cd432c4a5f223fbe312f8
6e88822b66f398cd508f359fafc1fd06b0e77e6d
4843c10ee3301e18a7745b808cb6a5f3160246799c01bed2523e491d2b26c01b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcbaa572d-617c-4469-acdb-becf07c450b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12685
x-amzn-requestid: 9cf276ba-fead-4650-8993-4202aa433b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aA5oEHHooAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6349d633-27a8539a2333baf551efccc6;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 21:35:47 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: w-nZBjW7WbOsmm0frYz3gPKKFnqTo7aBGw7ugcVPZlktPPG-Y0GCKg==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:49:43 GMT
age: 17342
etag: "6e88822b66f398cd508f359fafc1fd06b0e77e6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd268c3-27b8-467e-bdc3-ab2dab1a3b6d.jpeg
34.120.237.76 200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd268c3-27b8-467e-bdc3-ab2dab1a3b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 644dadbc61528fb78d6a4d37809a4da1
46c2110541fe6eec046efea92940d17b69e410dc
6cdb2203d1ddb0e17728a5cede16bb7cf058172b0c61ca6e5082a514a447bf88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd268c3-27b8-467e-bdc3-ab2dab1a3b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3894
x-amzn-requestid: f46ef5cf-34c4-4024-a1cb-7a46985a0225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aA5pWEHeoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6349d63b-26b43ef606fd070f153225a3;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 21:35:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KZCAQXda5v816O20Q8-UKTh7nxPm0SSU1EGkNXEEharLsGzA1ifMDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:49:43 GMT
age: 17342
etag: "46c2110541fe6eec046efea92940d17b69e410dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac5c50f8ffe0da11f1adb9f67d811cf
2b586d1c26208d6fe7df3a4cec286e28f21807ca
12414dcf4afa766503c9328fe626c2d1317a0d6838887e0dd30e9b56e85ea3d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2af2b9dc-3279-48a4-b300-2aca0a094dd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8120
x-amzn-requestid: 42dc2299-203a-4269-a252-e239978fe80d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7EhLHX0IAMF89g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347813a-1357899758d9403e4b920418;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 03:08:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dtHUN5Q4E46U3LnVBR8JnD8Ie8LHrM0LocF6lNdRQ5LpxKFZOlDc0g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 03:39:00 GMT
age: 82785
etag: "2b586d1c26208d6fe7df3a4cec286e28f21807ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03997513-5277-4522-89f8-818ae1af1ed4.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03997513-5277-4522-89f8-818ae1af1ed4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9605311cdd6ecc7e959369acac85f0c1
b1b31f7c2380fda954c3c7f622c0f6ab59e263a6
a296e70d90138f45fd69cd1c1333c1dba11a290f0d0d4058c59e1ebc47848270
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03997513-5277-4522-89f8-818ae1af1ed4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10564
x-amzn-requestid: b55c8d77-e8bb-4bbe-a672-332d3ba4a9eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkGy5FrMoAMFgQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e51ab-1fd3e756011e6f3d6ef3d249;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:55:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hcEn83MvWNwbStD6yqnUBjKVv9ofaFKfspMn0h3E_CAb-KlVU7DkCA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 21:55:44 GMT
age: 16981
etag: "b1b31f7c2380fda954c3c7f622c0f6ab59e263a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29fba88-ff7b-43a1-bfa9-65a02639e3a4.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29fba88-ff7b-43a1-bfa9-65a02639e3a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0a52df15d301c5d93453318d0bccf8e8
59f6f1a290a3b713bd850f427c918b482b772230
560f9d147b80b43e6a21e4b15c1eccffb46fd52cf5451c5e40509c275845a843
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc29fba88-ff7b-43a1-bfa9-65a02639e3a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9846
x-amzn-requestid: 8556ede2-e90b-4c26-be9b-bfa2b985ec56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z043mF-_IAMFU3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63450830-23102a4c7872054e38e102cf;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 06:07:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sAQgA_qAyWCjBKZ5BX0ue1S-I2WeGeg8cu7KXz5PNbFdU6dWx7NJSA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 08:55:14 GMT
age: 63811
etag: "59f6f1a290a3b713bd850f427c918b482b772230"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/logo-white.png
103.212.121.180 200 OK 3.4 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/logo-white.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 741 x 114, 8-bit colormap, non-interlaced\012- data
Hash ee6e069e7a66c4f20efcd3ffa714f62e
a2b80cdd5968574b801d4cb372c20096114b8e3f
1e16f6e604d06f5d4e5e9d12e1b0bc74f5494877db4e1a11ebab22af685b5541
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/logo-white.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/png
content-length: 3413
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 02:33:28 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/Why-do-i-need.jpg
103.212.121.180 200 OK 83 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/Why-do-i-need.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1600, components 3\012- data
Hash e859149f32b4c4eeddb9b8d300cbbe9d
8c225c7d5db6d0e23d32fef5210e0d729fe194a6
726f3bb6bb0991fe69683e3627b527985cc15f930e33f9e240cd73c58f1936a7
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/Why-do-i-need.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/jpeg
content-length: 82556
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:31:30 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step1.png
103.212.121.180 200 OK 43 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step1.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 500 x 381, 8-bit colormap, non-interlaced\012- data
Hash c74c71316144152dcb81bccc65092276
9c274e734111898225c9f569c4eef2cdab2fdab3
87384ab12357fd3b14c214720637cd14ae71c5eef0d12ae4b2e36a8954790e60
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/step1.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/png
content-length: 42612
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:31:18 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/footer-reveal.js
103.212.121.180 200 OK 383 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/footer-reveal.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (649)
Hash afd6f0c7c36f23082ea9d9da98f338b9
d7431d441cb4040708cf1936912a25808c23cd9a
ffbf9ab8b26f1a546771e445e38899a13cfea7f4d31005ef632da777cc88eb44
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/js/footer-reveal.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: application/javascript
content-length: 383
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Tue, 02 Aug 2022 06:14:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particles.js
103.212.121.180 200 OK 5.7 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particles.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (23002)
Hash a4969ae1d44d92b88421b4f82fd607b5
f8138585982755425411cccd43741253c5c77dec
717eecfac08581c08cb1581083a064211c85cb72ca7873f2e8bae55a542d4f7c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/js/particles.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: application/javascript
content-length: 5735
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/css/style.css
103.212.121.180 200 OK 24 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/css/style.css
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (304), with CRLF line terminators
Hash 7c632fb0ac8d977350918972bd0c4fd8
595c057f645598d00c37dfda5f628bff71218798
545c50c695f51bd3974d4e3188eaa6919890508842281394e5d38390f831ed6f
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/css/style.css HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: text/css
content-length: 23641
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Mon, 28 Jun 2021 10:36:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/startyoureplimo.jpg
103.212.121.180 200 OK 40 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/startyoureplimo.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x565, components 3\012- data
Hash 8a2ddbb85a3770c13a53466145c034cc
6545f3c188809b2fe4239533118b56baa1ca9f13
26ebf2e9cba490148d2a201a2b6cfbe01200037777b943dd16cef07ed8cf62d2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/startyoureplimo.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/jpeg
content-length: 40012
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:31:12 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.10 200 OK 1.5 kB URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.10:0
Hash 239d81b46fd337cacad6fcc695dd7e6e
5adf360a500823f31b336947e5a75dd713cbd67d
31edc67695bf5fbe910ae41065f309d675d0d8ead6641fcf81ac17f12a6547e3
GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 15 Oct 2022 02:38:44 GMT
date: Sat, 15 Oct 2022 02:38:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash acaba5d27d27f0ebeb1a1495a6e4ff09
5953b351f69fd15de1b4d42dd9634dea8f6e920b
023cd9eaaee884f8cb91ed69805e308b42d2aaf48be2e3788e33dd95a501410f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WL2J35C
142.250.74.168 200 OK 60 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WL2J35C
IP 142.250.74.168:0
File type ASCII text, with very long lines (14948)
Hash b0c74e1e1b1d0ed89e2b508e6ce8b555
636fe93b11f6236a71f64d3954b590363248d001
7d5bf8c63b986a5f24f6e961fac32f095e2d1938555fba045b25a5ce7aa29a75
GET /gtm.js?id=GTM-WL2J35C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 15 Oct 2022 02:38:46 GMT
expires: Sat, 15 Oct 2022 02:38:46 GMT
cache-control: private, max-age=900
last-modified: Sat, 15 Oct 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 59978
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash acaba5d27d27f0ebeb1a1495a6e4ff09
5953b351f69fd15de1b4d42dd9634dea8f6e920b
023cd9eaaee884f8cb91ed69805e308b42d2aaf48be2e3788e33dd95a501410f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash acaba5d27d27f0ebeb1a1495a6e4ff09
5953b351f69fd15de1b4d42dd9634dea8f6e920b
023cd9eaaee884f8cb91ed69805e308b42d2aaf48be2e3788e33dd95a501410f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash acaba5d27d27f0ebeb1a1495a6e4ff09
5953b351f69fd15de1b4d42dd9634dea8f6e920b
023cd9eaaee884f8cb91ed69805e308b42d2aaf48be2e3788e33dd95a501410f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 16:40:18 GMT
expires: Fri, 13 Oct 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 122308
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 6c8c599da15186bda28a94f0bb20656b
fe2605bcee301a4dac00399109ca1b6bd08dff7f
74e6fa45e8e1695e31924d374de895ecc05564c71dc4b14a8eea6f61860d0c16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash acaba5d27d27f0ebeb1a1495a6e4ff09
5953b351f69fd15de1b4d42dd9634dea8f6e920b
023cd9eaaee884f8cb91ed69805e308b42d2aaf48be2e3788e33dd95a501410f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step2.png
103.212.121.180 200 OK 48 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step2.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 500 x 381, 8-bit colormap, non-interlaced\012- data
Hash 2fd5944b8ab62e7c9974d121a2b09ffc
cc4c503c2821ebc3ba9231b767ca2000de2565b8
edf703a030929348b022e8012b46874ef8b381a98af8b71a05b7f44e57108a6a
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/step2.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/png
content-length: 47867
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:31:22 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particless.js
103.212.121.180 200 OK 5.7 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/js/particless.js
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type ASCII text, with very long lines (23002)
Hash a4969ae1d44d92b88421b4f82fd607b5
f8138585982755425411cccd43741253c5c77dec
717eecfac08581c08cb1581083a064211c85cb72ca7873f2e8bae55a542d4f7c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/js/particless.js HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: application/javascript
content-length: 5735
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Wed, 29 Jul 2020 10:19:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step3.png
103.212.121.180 200 OK 52 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/step3.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 500 x 381, 8-bit colormap, non-interlaced\012- data
Hash fb97f2bb1f01a948355f666ace7e7edd
eb2d1ef899240edd567109c214ecedb14fade3a6
e2fbe0ab2e5d56b4839aff523e769698fdda3f7b7ce28264057a0c591b407496
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/step3.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/png
content-length: 51895
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:31:26 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/How-can-i-benefit.jpg
103.212.121.180 200 OK 91 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/How-can-i-benefit.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1600, components 3\012- data
Hash dfde4dd88c0a80dd18696272c8d60613
d89b4866340ba2308b7789faeb58e90af9283ae4
ef3e482ffa493ad7916578667bc829f3e97f07e70ccaa6452e2e7f4a8bf42a4b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/How-can-i-benefit.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/jpeg
content-length: 90809
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:31:08 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimotest2.jpg
103.212.121.180 200 OK 80 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimotest2.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Hash 630bd08a321b8377c8224ea66ab0f4cb
de89a9aac80da2e51bfd781af7543491c8484c2e
397620015f8586f727b7558d746cfe6da09968e25d00fa60cbfd666b79cd2b3b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/eplimotest2.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/jpeg
content-length: 80535
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:31:06 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimo-app.jpg
103.212.121.180 200 OK 91 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimo-app.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Hash c4a5726e586d15db26ed39ae7ab139e4
7931d12b067f5aabf07cc873fffa2e67baca0257
ec3b6f871c95f64ad2c0e927631ccfca5831ab70c5b94603290033d53f8f772b
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/eplimo-app.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/jpeg
content-length: 90880
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:30:58 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
beyondmydna.com/siai/submiaboiqunsd
103.212.121.180 200 OK 112 kB URL HTTP/2 beyondmydna.com/siai/submiaboiqunsd
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (676)
Size 112 kB (112379 bytes)
Hash dad0f29358f6c2c0edd2079ae09dfe6f
01ff0b968832885777d6471ed6cd3c6a63a793ff
eb5c3121f0027b88e4943e09f35a071add62181dc404d9e628a283f85b0b9500
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /siai/submiaboiqunsd HTTP/1.1
Host: beyondmydna.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:44 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.15
link: <https://www.eplimo.ae/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimorecomendation.jpg
103.212.121.180 200 OK 91 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimorecomendation.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Hash 764befcb668fe6085917f7ae161e4ce2
4cf56c9108d9e4e5b1d6becc2d4d75dc5e6309d0
c930768078092cc86cf7d6b233431d31338fc08d205be1fa7bd9e3400a301c40
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/eplimorecomendation.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/jpeg
content-length: 91023
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:31:04 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/metabolic-assessment.jpg
103.212.121.180 200 OK 95 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/metabolic-assessment.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1280, components 3\012- data
Hash 0167843d05f8c34a20681c42917830d9
a07935ebf54e3d74276ae18d25ad13980634aaa1
bf3d23fd1ced22534bd130c96e770f701ed413874b25bdca1c42dc1235cabaf2
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/metabolic-assessment.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/jpeg
content-length: 95334
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:31:10 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/epigenetic-lifestyle.jpg
103.212.121.180 200 OK 168 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/epigenetic-lifestyle.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3\012- data
Size 168 kB (167492 bytes)
Hash c5b5099a249c896e756bc21340f76331
66c4dc346713cafa4ae1fb745281c63ed44dc2d4
935979e79aefc2d50c87b741a2e025813e1e94c1c482fe54c69bbad5b2c7ad6d
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/epigenetic-lifestyle.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/jpeg
content-length: 167492
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:30:56 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/mastercard.jpg
103.212.121.180 200 OK 203 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/mastercard.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2021:06:28 20:23:43], baseline, precision 8, 1391x253, components 3\012- data
Size 203 kB (203375 bytes)
Hash c01503af8020c85c31a32f0fd05494b7
68cb5eda771d5a06b512ab87673d72c6ea2e4f0a
277e87f30034b9cd8e63f48202dc7685fcaa25b9f74e74ca884c5d6165481c40
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/mastercard.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/jpeg
content-length: 203375
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Mon, 28 Jun 2021 14:54:27 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/banner-1.jpg
103.212.121.180 200 OK 56 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/banner-1.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1358, components 3\012- data
Hash e753a77371287247a9528627fa595e5c
38f3b4c03ae5f016a88367d0951bed33e7624d33
e079ae50b3f21da0a692cb6830ac73b83f5d195002c1698113a88e0d2e51e9f4
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/banner-1.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:46 GMT
content-type: image/jpeg
content-length: 56400
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:46 GMT
last-modified: Thu, 03 Dec 2020 07:57:02 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/video-banner.jpg
103.212.121.180 200 OK 30 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/video-banner.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1350x300, components 3\012- data
Hash 04aaede4eaff4c47fee9e5cda6f15095
04aee89a6d71331bd0863e31cf00cc57aa3a6637
2e30fc26c9a9a762e5e782deb357df46ab705d914180aad96ee334016bc90a0e
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/video-banner.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:46 GMT
content-type: image/jpeg
content-length: 29488
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:46 GMT
last-modified: Thu, 03 Dec 2020 07:57:44 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/banner-2.jpg
103.212.121.180 200 OK 158 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/banner-2.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1358, components 3\012- data
Size 158 kB (157516 bytes)
Hash fdae2d613df2be0a29320fde05e2569e
6de0399e36fd1f0b2f6ccd33f88ef2250e3e0f59
f88a29aeac5d38e9aeda9d3b15f4716efb3b478c8bd19d78cd10e29b1fcbae64
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/banner-2.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:46 GMT
content-type: image/jpeg
content-length: 157516
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:46 GMT
last-modified: Thu, 03 Dec 2020 07:57:04 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/footer-img.jpg
103.212.121.180 200 OK 47 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/footer-img.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1358, components 3\012- data
Hash e690b0f8737c2f963be314144683a87c
3ee9b8248d1566377ed76cd21884846453ef2b16
9ba83177dc703d35cd4b798da8e714a91af5bf5edc10bc05cd854b3de2f2624c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/footer-img.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:46 GMT
content-type: image/jpeg
content-length: 46759
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:46 GMT
last-modified: Thu, 03 Dec 2020 07:57:14 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff2
103.212.121.180 200 OK 74 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff2
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Web Open Font Format (Version 2), TrueType, length 73852, version 1.0\012- data
Hash fb493903265cad425ccdf8e04fc2de61
fef2f08d60e907750df0bc41ce64a7139642ddf0
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:46 GMT
content-type: font/woff2
content-length: 73852
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:46 GMT
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.woff2
103.212.121.180 200 OK 15 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.woff2
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Web Open Font Format (Version 2), TrueType, length 14844, version 1.0\012- data
Hash bdadb6ce95c5a2e7b673940721450d3c
f1e8cb035436d638da83d4696248cec831dcbe7a
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:46 GMT
content-type: font/woff2
content-length: 14844
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:46 GMT
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff2
103.212.121.180 200 OK 83 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff2
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Web Open Font Format (Version 2), TrueType, length 69608, version 1.0\012- data
Hash ac77fbf409256d5200f0249689507251
a4af9044113495b12c1b8d016d3f0fb5dfb41bb4
4fc86a4354c21b78623027603460736ac71d7626f0787ad2c603b40677f0724b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:46 GMT
content-type: font/woff2
content-length: 69608
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:46 GMT
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.ttf
103.212.121.180 200 OK 40 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.ttf
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh, Font AwesomeFont Awesome 5 FreeRegularFont Awesome 5 Free RegularFont Awesome 5 Free RegularVers\012- data
Hash b48c48ea8457846a5695b139c377d3d1
b65c09901ecd41417c7efb747372dfef763ba2f1
ecb5719eb6408359d91fd2530646064a3f251aed691fd48277289cc8d6d53dfa
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-regular-400.ttf HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:47 GMT
content-type: font/ttf
content-length: 40232
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:47 GMT
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1b424850d0aeb72404bd5448e9f971a7
b62f62761fa6a42c1826added96e293d59f7101a
8b5b54dc5e4ce14461a8cf4ee81742a25674f32c62561789817f14fe9cce30e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 15 Oct 2022 00:41:09 GMT
expires: Sat, 15 Oct 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 7058
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf
103.212.121.180 200 OK 66 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type TrueType Font data, 11 tables, 1st "GSUB"\012- data
Hash 40dc28c30801914706149b2695759582
faf1a568d0edbdb8028d9f311176748d4c700d1c
06bf5ae5d372da4d217f3ebf736ae550db1ca0ce88c23d1ee43c76b28ac5950b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:46 GMT
content-type: font/ttf
content-length: 196952
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:46 GMT
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff
103.212.121.180 200 OK 168 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Web Open Font Format, TrueType, length 81612, version 1.0\012- data
Size 168 kB (167848 bytes)
Hash 9f5afc3aa501a2734f1a6bb042124462
9357d9edc0f3d28df61e4f6f23f87fef368bc702
7b7316c25b6de0447e5194ca608aa8efd9801469ff1a758bcf5702d9ee242e93
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:47 GMT
content-type: font/woff
content-length: 81612
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:47 GMT
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164 200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 15 Oct 2022 02:38:47 GMT
expires: Sat, 15 Oct 2022 02:38:47 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1b424850d0aeb72404bd5448e9f971a7
b62f62761fa6a42c1826added96e293d59f7101a
8b5b54dc5e4ce14461a8cf4ee81742a25674f32c62561789817f14fe9cce30e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff
103.212.121.180 206 Partial Content 49 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Hash 41279734c0142a70c94b9abc9b1ac5b7
0b0e0f824b97fea089701dadb4b8353b2dc09634
91b76333e393ceba6d232615ae9098b51689fd4669dfe62704a1ac9fa208821b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=32232-
If-Range: Sun, 19 Jul 2020 15:32:12 GMT
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Sat, 15 Oct 2022 02:38:47 GMT
content-type: font/woff
content-length: 49380
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:47 GMT
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
content-range: bytes 32232-81611/81612
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff
103.212.121.180 200 OK 105 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Web Open Font Format, TrueType, length 95436, version 1.0\012- data
Size 105 kB (105442 bytes)
Hash 1e9beef6136928e47e1fbb12c4be0a37
b7f8144c606066ed509306476941bebdee067a3c
a7d9c9226c57ad0df970aa0899204f481f5b7983fed948f75d27ab7650fc91eb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.woff HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:46 GMT
content-type: font/woff
content-length: 95436
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:46 GMT
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bac53a9e47b402471127f290b676b367
d5aa4a8d0571a6c8519d8ab9d369c040ede52ca1
8985fb669fe4022d05158aa7a8fd8033d9b4ae4f9011f3f947e2365d4ebe19f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
142.250.74.162 200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20221012/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Fri, 14 Oct 2022 07:55:51 GMT
expires: Fri, 28 Oct 2022 07:55:51 GMT
cache-control: public, max-age=1209600
age: 67376
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.eot
103.212.121.180 200 OK 50 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.eot
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type Embedded OpenType (EOT), Font Awesome 5 Free family\012- data
Hash 75be39b3fc473e9545d2dd61e79316fa
6e2cf6b136be05379098b7858f0e95d23b3e6ccb
eabfc49bd7486bad2a85f142d6aa949202e13b08a9977f3adbc92cc51a3eb3d8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.eot HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:47 GMT
content-type: application/vnd.ms-fontobject
content-length: 197172
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf
103.212.121.180 206 Partial Content 184 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Size 184 kB (183567 bytes)
Hash 2bddad12629c5fdcb1f0d2f240d14b45
b8f8ca176b3881a4beedb4378cbdd50216a1a8fc
c19312e37baeaf9680710b153d882530f63554cf7427fb69be05e3833a3161c7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-solid-900.ttf HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=64982-
If-Range: Sun, 19 Jul 2020 15:32:12 GMT
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Sat, 15 Oct 2022 02:38:47 GMT
content-type: font/ttf
content-length: 131970
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:47 GMT
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
content-range: bytes 64982-196951/196952
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/vieroots.png
103.212.121.180 200 OK 40 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/vieroots.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type PNG image data, 300 x 300, 8-bit/color RGB, non-interlaced\012- data
Hash 97542cc047d42523f30deb4605624a86
106a3eaba0ca5182ff2c47418c8368d51b8ef5ac
fbab316b9eeaba0e02b063e3ce549c621efe523f412b21deae4c56a488be3b7c
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/vieroots.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:47 GMT
content-type: image/png
content-length: 39482
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:47 GMT
last-modified: Wed, 21 Oct 2020 08:16:30 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff2
103.212.121.180 206 Partial Content 4.6 kB URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff2
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
File type OpenPGP Public Key\012- data
Hash ef2da2cfe7250eeb435f364b40739806
b9bab5ac89932415689b74b5f92d0a8c3d50ab7f
9a2df9349590921f0d45dc013d686fbd2f522a8fa520f3d384a8268e99c128e1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=64981-
If-Range: Sun, 19 Jul 2020 15:32:12 GMT
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Sat, 15 Oct 2022 02:38:47 GMT
content-type: font/woff2
content-length: 4627
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:47 GMT
last-modified: Sun, 19 Jul 2020 15:32:12 GMT
content-range: bytes 64981-69607/69608
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c85b4e8ac7e485a517e8008d1f354a31
5ff4942540fffadcfc3501e621e39c9a68e1cb7d
5bf3480bdb27e17eb7c3ab432e366cfdf939d584f8933f80bf24232f1b359c22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-172838410-1&cid=1188145.1665801528&jid=386928482&gjid=2047360584&_gid=864893837.1665801528&_u=YEBAAEAAAAAAACAAI~&z=372149976
173.194.73.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-172838410-1&cid=1188145.1665801528&jid=386928482&gjid=2047360584&_gid=864893837.1665801528&_u=YEBAAEAAAAAAACAAI~&z=372149976
IP 173.194.73.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-172838410-1&cid=1188145.1665801528&jid=386928482&gjid=2047360584&_gid=864893837.1665801528&_u=YEBAAEAAAAAAACAAI~&z=372149976 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://beyondmydna.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 15 Oct 2022 02:38:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ce7f39a3e290c51cf51f64619c155718
a51fb1fc22ef7cb1bc7f75d4849ff1b13c5edea1
d7e7d16202fff3189947cdbce3d029f2e417dafbb60931f7a5f751635da6620f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/613420709/?random=1665801528042&cv=9&fst=1665799200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fbeyondmydna.com%2Fsiai%2Fsubmiaboiqunsd&tiba=VIEROOTS&async=1&fmt=3&is_vtc=1&random=4175006511&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/613420709/?random=1665801528042&cv=9&fst=1665799200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fbeyondmydna.com%2Fsiai%2Fsubmiaboiqunsd&tiba=VIEROOTS&async=1&fmt=3&is_vtc=1&random=4175006511&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/613420709/?random=1665801528042&cv=9&fst=1665799200000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fbeyondmydna.com%2Fsiai%2Fsubmiaboiqunsd&tiba=VIEROOTS&async=1&fmt=3&is_vtc=1&random=4175006511&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 02:38:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bac53a9e47b402471127f290b676b367
d5aa4a8d0571a6c8519d8ab9d369c040ede52ca1
8985fb669fe4022d05158aa7a8fd8033d9b4ae4f9011f3f947e2365d4ebe19f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=beyondmydna.com
216.58.207.226 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=beyondmydna.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=beyondmydna.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 15 Oct 2022 02:38:47 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=beyondmydna.com&callback=_gfp_s_&client=ca-pub-1622743609951674&gpid_exp=1
172.217.21.162 200 OK 254 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=beyondmydna.com&callback=_gfp_s_&client=ca-pub-1622743609951674&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (397), with no line terminators
Hash b0d48f08426bef98183b1926d2c40d2d
9c772680d7ee11ffbcb4dde5df7434d3fe21ed72
a0138c045dc9abca30eaeb0a16b1edad7f608f9fc9b6b7d7107bd39fb3e88c4d
GET /gampad/cookie.js?domain=beyondmydna.com&callback=_gfp_s_&client=ca-pub-1622743609951674&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 15 Oct 2022 02:38:47 GMT
server: cafe
cache-control: private
content-length: 254
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=beyondmydna.com
142.250.74.98 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=beyondmydna.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=beyondmydna.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 15 Oct 2022 02:38:47 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c85b4e8ac7e485a517e8008d1f354a31
5ff4942540fffadcfc3501e621e39c9a68e1cb7d
5bf3480bdb27e17eb7c3ab432e366cfdf939d584f8933f80bf24232f1b359c22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dc745cc6cabb7bcda110c74aa6bbdc4b
ee85567f8a368e63dc4ffad272f514df5b600b76
fd3befeac747605b265309554c748c5de2a5e4ca07f69889090e87639937846d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ce7f39a3e290c51cf51f64619c155718
a51fb1fc22ef7cb1bc7f75d4849ff1b13c5edea1
d7e7d16202fff3189947cdbce3d029f2e417dafbb60931f7a5f751635da6620f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7112f5cc0e7d94d5b8ebd8f64da4f614
615b58f4361f5a7764d919c9440b398d0c81600f
d80b3c601fe8e104ff7469ddb99c5ceba9dbd1c55069dbb1fdae9d37055599f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 15 Oct 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 15 Oct 2022 02:38:47 GMT
expires: Sat, 15 Oct 2022 02:38:47 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7999439-dc4a-4cbd-853d-5a0822913e35.jpeg
34.120.237.76 200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7999439-dc4a-4cbd-853d-5a0822913e35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70e7ecb94b9d3b14d240fbbcf97b04a9
d38357e003fa7e3b0d73d62a0db3367af2151790
2e9e42f107e200cdcd2fd18ace09c396da1aa4504da97796757ee317e05b9e02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7999439-dc4a-4cbd-853d-5a0822913e35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5289
x-amzn-requestid: 32ceec61-c109-4bc8-a174-0aac12d32004
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3IN7H1qoAMFwRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6345ed8c-3bcffbb73e31871e3a61ba00;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 22:26:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: A2piL9pD-D4XogwWKe4GrQ0uYkJX2lH7U2hnvUV-Jz0o5eD9Fyh_fw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 22:24:13 GMT
age: 15279
etag: "d38357e003fa7e3b0d73d62a0db3367af2151790"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.eot
103.212.121.180 200 OK 0 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.eot
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/webfonts/fa-brands-400.eot HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://beyondmydna.com
Connection: keep-alive
Referer: https://www.eplimo.ae/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:47 GMT
content-type: application/vnd.ms-fontobject
content-length: 126428
last-modified: Sun, 19 Jul 2020 15:32:10 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/apple114x114.png
103.212.121.180 404 Not Found 0 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/apple114x114.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/apple114x114.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 15 Oct 2022 02:38:47 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.15
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.eplimo.ae/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/logo/logo-white-vertical.png
103.212.121.180 404 Not Found 0 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/logo/logo-white-vertical.png
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/logo/logo-white-vertical.png HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 15 Oct 2022 02:38:46 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.15
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.eplimo.ae/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimocaoching.jpg
103.212.121.180 200 OK 0 B URL HTTP/2 www.eplimo.ae/wp-content/themes/Eplimo/assets/images/New/eplimocaoching.jpg
IP 103.212.121.180:0
ASN #135222 MilesWeb Internet Services Pvt Ltd
Analyzer Verdict Alert quad9 Sinkholed
GET /wp-content/themes/Eplimo/assets/images/New/eplimocaoching.jpg HTTP/1.1
Host: www.eplimo.ae
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://beyondmydna.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 15 Oct 2022 02:38:45 GMT
content-type: image/jpeg
content-length: 124577
cache-control: public, max-age=604800
expires: Sat, 22 Oct 2022 02:38:45 GMT
last-modified: Thu, 03 Dec 2020 10:31:00 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2