firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 05:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QZ1SRDGPkQ2ZgN3C9PTiKRjWg_xsn4lMj8VOhRjkVWgvbTBbouHXdg==
Age: 819
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14644
Expires: Tue, 27 Sep 2022 09:33:14 GMT
Date: Tue, 27 Sep 2022 05:29:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Mon, 26 Sep 2022 09:17:07 GMT
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Nn8UIiu3uLF2hAhVZae2263_PfOJVdOHfdg1antEVFKd88s7PKWj6w==
age: 72724
X-Firefox-Spdy: h2
www.nystexchange.com/
198.187.31.159 301 Moved Permanently 707 B IP 198.187.31.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash MD5 1304294c0823ca486542ba408ed761e3
SHA-1 b2a70fb2d810ca13985882e6981f33998823e83e
SHA-256 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 27 Sep 2022 05:29:10 GMT
server: LiteSpeed
location: https://www.nystexchange.com/
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 05:29:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 05:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 05:38:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NZvGkUrGtPMMGX80DctARdmGqmGJqSMJooQcO4s_TYQc7uZtNTGWhw==
Age: 1104
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 45103bc33884013cd1c28e4a47aa04e7
b5342eba643b101f68360964e725b01b9a61ab76
0462bb9a80a90121b69df58490467877290074730e01e31b0870bbc7e7df769a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 05:29:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 21:38:55 GMT
Expires: Mon, 03 Oct 2022 21:38:54 GMT
Etag: "b5342eba643b101f68360964e725b01b9a61ab76"
Cache-Control: max-age=575983,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7511d710e8c21c12-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6166
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:10 GMT
Last-Modified: Tue, 27 Sep 2022 03:46:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.nystexchange.com/
198.187.31.159 200 OK 9.0 kB IP 198.187.31.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (518)
Hash MD5 5b853e0d49bf843627415c5a7c014f01
SHA-1 19aa4af520a9bdc2ee9e462cde3e6da293057fc1
SHA-256 e3696d2e9bef0e9fa2043d29909515edad8a76e0cd4f63708a6b049d257aa0b4
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 16 Aug 2022 12:56:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9014
date: Tue, 27 Sep 2022 05:29:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.81.125.88 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.125.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yDzTtNrJ8hDrPIzic3MZUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lTAzC8Py4YC8YntfoHHoOTIIp7E=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 64f599bcc1c68b1a41456d647b03fa23
b6fa27e8486d34af9c8e98ecc66c8a449db50ed8
42f1d6fa976df925e17362c2cac604b5e194b38a99ab8e10dfe94867515e102d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3825
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:11 GMT
Last-Modified: Tue, 27 Sep 2022 04:25:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nystexchange.com/webminepool.com/lib/base.js
198.187.31.159 200 OK 61 kB URL HTTP/2 www.nystexchange.com/webminepool.com/lib/base.js
IP 198.187.31.159:0
File type ASCII text, with very long lines (46078)
Hash MD5 35ba1dce3eb8eae50f80a96a2823e3a9
SHA-1 84a7db573222aa9e5a060f7c9e5541d8a4c6b428
SHA-256 c13cf7e6ce289343b1d33af07fa7cd42bece400ccfbacaffce44c4289035971b
Analyzer Verdict Alert fortinet Malware
GET /webminepool.com/lib/base.js HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: application/javascript
last-modified: Sat, 27 Mar 2021 18:19:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 60935
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/css/fontawesome.min.css
198.187.31.159 200 OK 9.8 kB URL HTTP/2 www.nystexchange.com/home/css/fontawesome.min.css
IP 198.187.31.159:0
File type ASCII text, with very long lines (46717)
Hash ecf053c46b1a409f67923d9ea783136b
9f4d008f1f3c30b499bc1bd1116d3d3dab3ae229
91f82500bb66271091694412ff6c569c2607f02477dfd71a889bba8990e2781d
GET /home/css/fontawesome.min.css HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: text/css
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9810
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/css/bootstrap.css
198.187.31.159 200 OK 20 kB URL HTTP/2 www.nystexchange.com/home/css/bootstrap.css
IP 198.187.31.159:0
File type ASCII text, with very long lines (65406)
Hash b1310b1ee680b70b5205b8be07c3f2bd
4478a6f951513df37d716f46b89cff638d451d59
6194d75b705cd9651657c2b2068938714990838ca7cdc01ffb4d8a2095e4b464
GET /home/css/bootstrap.css HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: text/css
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19475
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/css/owl.carousel.min.css
198.187.31.159 200 OK 917 B URL HTTP/2 www.nystexchange.com/home/css/owl.carousel.min.css
IP 198.187.31.159:0
File type ASCII text, with very long lines (3185)
Hash 233a3e34f96fb2c52ec6098289a50904
2c667daf8b7ac17f8223186d2db45cd1e65d0d3d
ae4a2ba54a74401aa4851d8c9c76df4e55869890cbbe84159de15f5c0b63417d
GET /home/css/owl.carousel.min.css HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: text/css
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 917
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/css/animate.css
198.187.31.159 200 OK 4.0 kB URL HTTP/2 www.nystexchange.com/home/css/animate.css
IP 198.187.31.159:0
File type ASCII text, with very long lines (57248)
Hash 76826986f6b7bc804751bb53c9e91dea
67334786980b486717041c11ab92b5ea85dc8a46
4ba70f7f79dc28283b255b1f082742b069b3dae4ead43d76fea5ee6eb3249438
GET /home/css/animate.css HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: text/css
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4045
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/css/style.css
198.187.31.159 200 OK 19 kB URL HTTP/2 www.nystexchange.com/home/css/style.css
IP 198.187.31.159:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash caf5a8459eb7cac204e0312161f4dd2c
fc117218cbf3372b89a85090658c959e11a303d1
002cf8a9c015670b0d933bcc1da332ee09f654845a0a4a48796ef855fc7f0036
GET /home/css/style.css HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: text/css
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19064
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/css/responsive.css
198.187.31.159 200 OK 4.4 kB URL HTTP/2 www.nystexchange.com/home/css/responsive.css
IP 198.187.31.159:0
File type ASCII text, with very long lines (19918), with no line terminators
Hash 4edc321a657b392ae252801318dd1fdd
a9bafba2f57c184b4cc973733423095f733ebdd7
17039ee4211321e5a75348b01e215f47cff8d75ec17359f12d9cbbe988e00cf5
GET /home/css/responsive.css HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: text/css
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4351
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/css/toast.css
198.187.31.159 200 OK 768 B URL HTTP/2 www.nystexchange.com/home/css/toast.css
IP 198.187.31.159:0
File type ASCII text, with very long lines (3243), with no line terminators
Hash 4193f37239a18274c438858b76efc72c
1be0826880f88eabadd8cbd9a05375c662479eab
1685a0be959287dac64a0dcd20f870566e6589cfc7e994e8e3dec5f0385bdeb2
GET /home/css/toast.css HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: text/css
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 768
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
198.187.31.159 200 OK 29 kB URL HTTP/2 www.nystexchange.com/ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 198.187.31.159:0
File type ASCII text, with very long lines (32061)
Hash MD5 23d2bd0e195e961b92b472e72d6a3f60
SHA-1 5bc4589c9a758435c46b0ca978669b5080f00f07
SHA-256 929e234f21479035e04e19759c8c6e5efe2b5e5b2099f1c96d06280437cb9278
Analyzer Verdict Alert fortinet Malware
GET /ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: application/javascript
last-modified: Wed, 04 Mar 2020 01:15:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 28763
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
198.187.31.159 200 OK 6.7 kB URL HTTP/2 www.nystexchange.com/cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 198.187.31.159:0
File type ASCII text, with very long lines (31167)
Hash c3bd634b08d3f71675d490c7cc8d5daa
bbe7a8cacc2de4bc0fcee83d42c6220d993d1c00
1972ca7e135ce49f8645dcd57605be66d6cebc97617a8dff3ebb566b0c5fdced
GET /cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: text/css
last-modified: Mon, 04 May 2020 21:10:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6692
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/logo-dark.png
198.187.31.159 200 OK 14 kB URL HTTP/2 www.nystexchange.com/home/images/logo-dark.png
IP 198.187.31.159:0
File type PNG image data, 820 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash f89ac109f3d6b92e53479a22f3d69e4d
55382321e006e5b3896fcee525cbb09eecbb10b5
e90017e13e8c4a8595f2f3025e44dbfc589149146922a99023e890e17e904a87
GET /home/images/logo-dark.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Sat, 13 Aug 2022 17:08:33 GMT
accept-ranges: bytes
content-length: 13973
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/css/simple-notify.min.css
198.187.31.159 200 OK 865 B URL HTTP/2 www.nystexchange.com/home/css/simple-notify.min.css
IP 198.187.31.159:0
File type ASCII text, with very long lines (3101)
Hash 03b6450dcefcc7ae3288bff2a45ea6cf
48784733f3787844f67ff904dae69547b0acd448
6e2d076f5526cf107f1e2b56c28ed3cd690019f66bceb83bfeda49d6b991a061
GET /home/css/simple-notify.min.css HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: text/css
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 865
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/benefit-icon-3.png
198.187.31.159 200 OK 8.7 kB URL HTTP/2 www.nystexchange.com/home/images/benefit-icon-3.png
IP 198.187.31.159:0
File type PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash 331cad481d0d91a9e80c656357a2dda5
698c22ce3093e6b384de0e5754aa5be7d82260fc
a0c897297ee0a505b5367ae03c0d5f393511b507dee18b7d1f570005b1210a85
GET /home/images/benefit-icon-3.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 8718
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/alert/fake-notification-min.css
198.187.31.159 200 OK 365 B URL HTTP/2 www.nystexchange.com/home/alert/fake-notification-min.css
IP 198.187.31.159:0
File type ASCII text, with very long lines (643)
Hash 7005e9823317b891e79ebd6a76cd8bf9
ad8dcec3a887fecabc71c7516c1a034f719d0ad8
9311f68a5d46aa929be416465bdb5d7970e5acca9ff2815e28e0099d980909c8
GET /home/alert/fake-notification-min.css HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: text/css
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 365
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/images/support-icon.html
198.187.31.159 200 OK 432 B URL HTTP/2 www.nystexchange.com/images/support-icon.html
IP 198.187.31.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash MD5 e4288920b8e93de65727288e8609343d
SHA-1 2bf13ab51df6087576c7ccf325552749866e66f1
SHA-256 b090b937d870e9f0842f80cd4a7f5561551c73afabfcb437a7d1b211b2f7f23c
Analyzer Verdict Alert fortinet Malware
GET /images/support-icon.html HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 13 Aug 2022 16:56:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 432
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/google-play-btn.png
198.187.31.159 200 OK 6.1 kB URL HTTP/2 www.nystexchange.com/home/images/google-play-btn.png
IP 198.187.31.159:0
File type PNG image data, 212 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d90b49e5e3b5d0fc228a20b0800aca94
3dda50c812cef06e6b9bb88dc06980e9cbdb1f4a
cb243c2d43b3d360f363c017c28c309782ed7044497dd665c64833cba51ea500
GET /home/images/google-play-btn.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 6074
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/www.cryptonator.com/ui/js/widget/calc_widget.html
198.187.31.159 200 OK 432 B URL HTTP/2 www.nystexchange.com/www.cryptonator.com/ui/js/widget/calc_widget.html
IP 198.187.31.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4288920b8e93de65727288e8609343d
2bf13ab51df6087576c7ccf325552749866e66f1
b090b937d870e9f0842f80cd4a7f5561551c73afabfcb437a7d1b211b2f7f23c
Analyzer Verdict Alert fortinet Malware
GET /www.cryptonator.com/ui/js/widget/calc_widget.html HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 13 Aug 2022 16:56:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 432
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/images/wallets-icon.html
198.187.31.159 200 OK 432 B URL HTTP/2 www.nystexchange.com/images/wallets-icon.html
IP 198.187.31.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4288920b8e93de65727288e8609343d
2bf13ab51df6087576c7ccf325552749866e66f1
b090b937d870e9f0842f80cd4a7f5561551c73afabfcb437a7d1b211b2f7f23c
Analyzer Verdict Alert fortinet Malware
GET /images/wallets-icon.html HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 13 Aug 2022 16:56:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 432
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9842
Expires: Tue, 27 Sep 2022 08:13:14 GMT
Date: Tue, 27 Sep 2022 05:29:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9842
Expires: Tue, 27 Sep 2022 08:13:14 GMT
Date: Tue, 27 Sep 2022 05:29:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9842
Expires: Tue, 27 Sep 2022 08:13:14 GMT
Date: Tue, 27 Sep 2022 05:29:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 15745
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 27169
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/luno.png
198.187.31.159 200 OK 4.3 kB URL HTTP/2 www.nystexchange.com/home/images/luno.png
IP 198.187.31.159:0
File type PNG image data, 188 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 504f2f08f951e59dd09c834c6bc5e480
9b56650f4789ab081cb3f691ece02e358de945ae
ce83172a0792ea2980d4be05dfe5e2bda78a467d47cb17ae15786b2255b51827
GET /home/images/luno.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 4286
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4197a8a505b360b0c43142faf8cb7f48
4dbd2da7f7c45a97e3f6f6544ed428e892227cc3
434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1XA-bBkY_FXGy2X6EITlNNf-QSMLu2POxTo1Vq6bcqkEkkOni45zIQ==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:08 GMT
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
content-type: image/jpeg
age: 28204
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.nystexchange.com/home/js/onpagescroll.js
198.187.31.159 200 OK 399 B URL HTTP/2 www.nystexchange.com/home/js/onpagescroll.js
IP 198.187.31.159:0
File type ASCII text, with very long lines (562)
Hash 983b5c9b2adbb4cdb23b3225d234ddf5
eb9387ccfcb6772be521facc1c4865f5fa501217
6d75e7d7de04068340666beeb9c1ef1bd724f02534eddc93ef819b5d9f4dc184
Analyzer Verdict Alert fortinet Malware
GET /home/js/onpagescroll.js HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: application/javascript
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 399
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e56f576ce4c320252cd028a38a1e4bde
8fbe2856a3e05ae7c45f4e35944d2835d47e4284
dc5783e5d50e89d2b9c72dea55751a64157dbc9ec9be85383a6df10b5ec1a602
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe39ddaa9-a775-40b9-af3a-870507ff4d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5142
x-amzn-requestid: 5b86b092-ff60-476c-855a-d32d5f10f115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yvz1CGInoAMF0Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296686-79e9a4cb75289e1b0785d4fc;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:06:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7k1682yCSjI5mtQhFZ8S1eSMo2qYEd7HF2T58X3cbCV2112QE46zXQ==
via: 1.1 2a44ef7b9d28e74c78ffadeedcbb887c.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:33 GMT
age: 27579
etag: "8fbe2856a3e05ae7c45f4e35944d2835d47e4284"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/logo-light.png
198.187.31.159 200 OK 14 kB URL HTTP/2 www.nystexchange.com/home/images/logo-light.png
IP 198.187.31.159:0
File type PNG image data, 820 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 582af0982b1af6f78fd947eab27c5da0
856beb141ffc47d811e34d29d39f19e64681e525
eed5d312d4257274e069cdc12a1a94d1119dbdc1cd7ecb80ac4bf3ba3342653d
GET /home/images/logo-light.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Sat, 13 Aug 2022 17:08:21 GMT
accept-ranges: bytes
content-length: 13936
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/benefit-icon-4.png
198.187.31.159 200 OK 8.9 kB URL HTTP/2 www.nystexchange.com/home/images/benefit-icon-4.png
IP 198.187.31.159:0
File type PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash 20892bb249d99e223664a7b16fd08966
36966f92b0c760237623d40ce41c5419ee6ae3f0
e5a196b58264ef3f8ae3813c1a052ee2f6622102aecca4f619d11dce232c7aea
GET /home/images/benefit-icon-4.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 8880
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/benefit-icon-2.png
198.187.31.159 200 OK 11 kB URL HTTP/2 www.nystexchange.com/home/images/benefit-icon-2.png
IP 198.187.31.159:0
File type PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash 1a23d9a93d821e0304baf7055dbb0cd4
b37068b39255994264f4820a71de4deb75eb7309
e26f5b7b3e23aef5b47d5567b15fb1924daaddb07168e0e6dfce5f0da318e697
GET /home/images/benefit-icon-2.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 10930
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/benefit-icon-1.png
198.187.31.159 200 OK 4.8 kB URL HTTP/2 www.nystexchange.com/home/images/benefit-icon-1.png
IP 198.187.31.159:0
File type PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d0b3e46f92eddf29a61eece32e23e7c
0a900059cdc92771b7c6727d9c5d2a29904c464a
bf466ba6ba8799b553adcb6d07d556fca6367bb552d3301ccbfb4e835e125e9e
GET /home/images/benefit-icon-1.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 4804
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/benefit-icon-5.png
198.187.31.159 200 OK 8.8 kB URL HTTP/2 www.nystexchange.com/home/images/benefit-icon-5.png
IP 198.187.31.159:0
File type PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash c853895c783690ad026a34044b2e5b4a
3d9a0f378ac891d8ab9fffe4bb9face8f7e1a8d1
0fef9c89bea10c3ffae137fa0f3ea38c20db89278cce4048905cd1931840f85c
GET /home/images/benefit-icon-5.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 8828
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/images/transactions-icon.html
198.187.31.159 200 OK 432 B URL HTTP/2 www.nystexchange.com/images/transactions-icon.html
IP 198.187.31.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4288920b8e93de65727288e8609343d
2bf13ab51df6087576c7ccf325552749866e66f1
b090b937d870e9f0842f80cd4a7f5561551c73afabfcb437a7d1b211b2f7f23c
Analyzer Verdict Alert fortinet Malware
GET /images/transactions-icon.html HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 13 Aug 2022 16:56:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 432
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/images/countries-icon.html
198.187.31.159 200 OK 432 B URL HTTP/2 www.nystexchange.com/images/countries-icon.html
IP 198.187.31.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4288920b8e93de65727288e8609343d
2bf13ab51df6087576c7ccf325552749866e66f1
b090b937d870e9f0842f80cd4a7f5561551c73afabfcb437a7d1b211b2f7f23c
Analyzer Verdict Alert fortinet Malware
GET /images/countries-icon.html HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 13 Aug 2022 16:56:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 432
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/app-store-btn.png
198.187.31.159 200 OK 6.0 kB URL HTTP/2 www.nystexchange.com/home/images/app-store-btn.png
IP 198.187.31.159:0
File type PNG image data, 212 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 075bc24003946989bf1389b160a4d3a0
4df42ed3c542d82ea4157ba60024081adf48b24f
b3d284a74e80d208018ebf4ebd17fa169ae4919f8a156f89963107c0bc7e35ff
GET /home/images/app-store-btn.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 6009
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa70ece15044b7318cb11ae5e37a64e7
04a0665f771562c3e56ac3542abe5bd3c4c1a6b5
8c974283b2ba0058114404af3e4818daa8cc56f270cb8a46f5f2f54de9d2f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F14ab4d12-a7de-4708-a657-df4600198640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8255
x-amzn-requestid: 3bf29c4a-406a-4645-ad18-44cd6f05d457
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4VnFEV-IAMFQMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ccfc6-3eaa337d1e1c1b6d5e951419;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:12:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: X-6P09-hgjmDFe4Y7P1KnXtJAuvJNen8XsBVIexf521SOxMivJ4t7A==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 17:53:33 GMT
age: 41739
etag: "04a0665f771562c3e56ac3542abe5bd3c4c1a6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/benefit-icon-6.png
198.187.31.159 200 OK 9.7 kB URL HTTP/2 www.nystexchange.com/home/images/benefit-icon-6.png
IP 198.187.31.159:0
File type PNG image data, 125 x 125, 8-bit/color RGBA, non-interlaced\012- data
Hash 14c46f3176087ee234262971a7803574
320fbd9ae0a0c1353e19f1fa5881f7cf5f7fb54b
e2b1fdfc5c0af46e4f57f6f0f0c7462a0baa9d7a4cd992d135c35fd0a30de1a5
GET /home/images/benefit-icon-6.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 9702
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9842
Expires: Tue, 27 Sep 2022 08:13:14 GMT
Date: Tue, 27 Sep 2022 05:29:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.24.14 200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nystexchange.com
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 05:29:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 368724
expires: Sun, 17 Sep 2023 05:29:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrNXpR0rTMeblBMmsZ6zOnhRzNwuEpZKYEBBUO%2BNKeMPe27Ps6CR6IMZ6Ji0ip%2F0eLdTl%2FmD73kjYAS7JhR9nOI0Alz4qKco4ocHyGQuawnp3aj9CMYDcG6ttOKH%2FYmmXPKC5l%2Ba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7511d71b8bdb0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nystexchange.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 467893
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 28205
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nystexchange.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:32:09 GMT
expires: Thu, 21 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 467823
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nystexchange.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 467893
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
142.250.74.163 200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nystexchange.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:27:54 GMT
expires: Thu, 21 Sep 2023 19:27:54 GMT
cache-control: public, max-age=31536000
age: 468078
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nystexchange.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:27:53 GMT
expires: Thu, 21 Sep 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 468079
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nystexchange.com/home/images/binance.png
198.187.31.159 200 OK 3.6 kB URL HTTP/2 www.nystexchange.com/home/images/binance.png
IP 198.187.31.159:0
File type PNG image data, 188 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 92f7ac671c6d1d66ecac369cbf993a60
60f64bccd031dc57c76efd6ab67af2dff1dcf922
224d4585622ebffa1aca22613e6c88ac332341db5071f80a181a3a0deb2f9cbe
GET /home/images/binance.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 3601
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/paxful.png
198.187.31.159 200 OK 3.9 kB URL HTTP/2 www.nystexchange.com/home/images/paxful.png
IP 198.187.31.159:0
File type PNG image data, 188 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 5e815ec1a38d6d56a0ee13dd905ac9a1
6430f6397d6a3c0537d969394dd43a2beb66bf82
c4e9d81e59575537fe68a7de7ddbc64992aec624c73394fa64236ed39054ae22
GET /home/images/paxful.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 3866
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/trustwallet.png
198.187.31.159 200 OK 5.2 kB URL HTTP/2 www.nystexchange.com/home/images/trustwallet.png
IP 198.187.31.159:0
File type PNG image data, 188 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash ccfa6dbf8493b32153704f7f930c95a4
5d2f996f9e1ba0617ed6252c60216f00859dedc2
f7466844d1548969345635b7cb1ddb930282f2a3fb930a523fed0c51e1fb87ec
GET /home/images/trustwallet.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 5212
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/js/bootstrap.min.js
198.187.31.159 200 OK 13 kB URL HTTP/2 www.nystexchange.com/home/js/bootstrap.min.js
IP 198.187.31.159:0
File type ASCII text, with very long lines (50758)
Hash d6ae1fa9830006febc8d831df71d5d06
5749f689e462c91adf778d1709b91c3d3da9e25a
e0651b65bf82bd15e6d75948c331ea079c1d0336c3bee83d924d6f09aee46d46
Analyzer Verdict Alert fortinet Malware
GET /home/js/bootstrap.min.js HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: application/javascript
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13430
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/coinmama.png
198.187.31.159 200 OK 5.0 kB URL HTTP/2 www.nystexchange.com/home/images/coinmama.png
IP 198.187.31.159:0
File type PNG image data, 188 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c06c8b98b66420bc185dc6041cac11d
ba5771926686828a04b2ce18ac523a518b402943
2a80dd3ca15545428eb448ac5c55b813cf01e82d11f910cd496dc12b77722bcb
GET /home/images/coinmama.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 4980
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/nhtagent.com/nht-upload/assets/javascripts/WhatsApp/WhatsApp.png
198.187.31.159 200 OK 2.6 kB URL HTTP/2 www.nystexchange.com/nhtagent.com/nht-upload/assets/javascripts/WhatsApp/WhatsApp.png
IP 198.187.31.159:0
File type PNG image data, 64 x 65, 8-bit colormap, non-interlaced\012- data
Hash 6e503a1d10b9ff11e06c97434454e6e9
7e5a090a1bf21afcd7ea52e83a7d449cb0cce530
2f7fd22b79f0ed13a288ea74df3cb132603f749f6a01bdf982f7e0726a0b7bb1
GET /nhtagent.com/nht-upload/assets/javascripts/WhatsApp/WhatsApp.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Sat, 20 Apr 2019 12:30:06 GMT
accept-ranges: bytes
content-length: 2561
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/js/jquery.min.js
198.187.31.159 200 OK 32 kB URL HTTP/2 www.nystexchange.com/home/js/jquery.min.js
IP 198.187.31.159:0
File type ASCII text, with very long lines (32086)
Hash 2c0b926a4ec586219f79206f8293308b
ebf8c3c7014ae0d0b28853be3f595316953d4778
6edd460f1966826ca7744be311d3e580075ef36f5d11718f787767a65cdc9faa
Analyzer Verdict Alert fortinet Malware
GET /home/js/jquery.min.js HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: application/javascript
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32294
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-109558606-2
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-109558606-2
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash ca1900e97fb62400e50b4781d2799eec
b0ea475f02bf5a3281b67b86ad0d8584a02990c0
cc6e983e5fb763dcf891c0b7aee22cb1907e3a11d687482388d0c48d15ea1b3b
GET /gtag/js?id=UA-109558606-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.coinlib.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 05:29:12 GMT
expires: Tue, 27 Sep 2022 05:29:12 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-K638SKQ
142.250.74.72 200 OK 36 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-K638SKQ
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 981e70e45d558ec97e6e8a152f2191b9
72c610a3424f267135c5a66893d41e1223d9c43f
7c939bbeeb6c777c552fd7d2f1b5d252c12ab48e1822ab0c7b3736ca48106dda
GET /gtm.js?id=GTM-K638SKQ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.coinlib.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 05:29:12 GMT
expires: Tue, 27 Sep 2022 05:29:12 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36348
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c67e642c341a7e36af3ad099f7596f36
bc6c4468c2afaf36e5ff26481a629cfbdb10c790
ec010e9a9ec3f12030c962914b8c6423544034b086b29594f661241b358da648
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC010E9A9EC3F12030C962914B8C6423544034B086B29594F661241B358DA648"
Last-Modified: Mon, 26 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15473
Expires: Tue, 27 Sep 2022 09:47:05 GMT
Date: Tue, 27 Sep 2022 05:29:12 GMT
Connection: keep-alive
www.nystexchange.com/home/js/owl.carousel.js
198.187.31.159 200 OK 12 kB URL HTTP/2 www.nystexchange.com/home/js/owl.carousel.js
IP 198.187.31.159:0
File type ASCII text, with very long lines (2306)
Hash 8390d6d6c18cde60edaa22bcf86e1710
5ec82d1c267db62ed9fe7bf2d5becc1994c5737b
28c2629ea14035cc4a233e2c7e239b0add4d4fdd88d3b66ab771ba6d41afc9cc
Analyzer Verdict Alert fortinet Malware
GET /home/js/owl.carousel.js HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: application/javascript
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12457
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
142.250.74.10 200 OK 21 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
IP 142.250.74.10:0
Hash 10069aeb9b31f564de5a51ad9844930d
1ad400d5a68527cc544b1e2d1e06510114040e18
cf0026bcc80bff7ba6562c09fb23cff4d6c7df1aa549ff33ed06e1e7b020afc9
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 05:29:11 GMT
date: Tue, 27 Sep 2022 05:29:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.coinlib.io/widget?type=horizontal_v2&theme=dark&pref_coin_id=1505&invert_hover=no
172.67.160.162 200 OK 9.6 kB URL HTTP/2 widget.coinlib.io/widget?type=horizontal_v2&theme=dark&pref_coin_id=1505&invert_hover=no
IP 172.67.160.162:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (23688)
Hash 46a7caee06208696369378f5a06b9fce
976f3930477a192d7fbd9c8ed5596b231147ddfc
9d60f960d7976c246e028bfa238959bcf229bc908374c94d082545c8b5137d53
GET /widget?type=horizontal_v2&theme=dark&pref_coin_id=1505&invert_hover=no HTTP/1.1
Host: widget.coinlib.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 05:29:12 GMT
content-type: text/html; charset=UTF-8
x-xss-protection: 1
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: must-revalidate
vary: User-Agent,Accept-Encoding
set-cookie: IDENTITY=3f02c0df7e750a7507d4c7d4b5186171677f8e6c
x-cached: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1SffViITLsntQr1iN3tRG8d%2BZQM%2FiFympVKC2V7FeGQxOS%2BnLxdSUhUyb8EmRWbko1ngLNyU7MW7R%2FqIHf91Ix4AvXlkwuLpnQKVt095dqsuv8UGOnIZ8yY%2BOqMl%2FeWdRH68A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7511d71ad8c00b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.nystexchange.com/home/js/wow.min.js
198.187.31.159 200 OK 2.6 kB URL HTTP/2 www.nystexchange.com/home/js/wow.min.js
IP 198.187.31.159:0
File type ASCII text, with very long lines (8051)
Hash 47def47426066bcf4d2702e505e7fcea
46ef720983ba4c0c514b64273e9d55ad6fe4cdf5
6c65a89017881d86da7edc7b1356585a249ff2b5376aae3ab2fa1ee69b4ea345
Analyzer Verdict Alert fortinet Malware
GET /home/js/wow.min.js HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: application/javascript
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2622
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/js/jquery.countdown.js
198.187.31.159 200 OK 2.5 kB URL HTTP/2 www.nystexchange.com/home/js/jquery.countdown.js
IP 198.187.31.159:0
File type ASCII text, with very long lines (1557)
Hash a1a895fff72bdb5aad85368ea8e6f90a
6a7b75284108074ebb826b1585192bff848c8b27
48e90716e7e1ca3f4b7243b241398b4a3b1a19d92a61d00bce4aaba3a5581f0a
Analyzer Verdict Alert fortinet Malware
GET /home/js/jquery.countdown.js HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: application/javascript
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2462
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/js/script.js
198.187.31.159 200 OK 1.5 kB URL HTTP/2 www.nystexchange.com/home/js/script.js
IP 198.187.31.159:0
File type ASCII text, with very long lines (2347)
Hash b9e851d18f61913ea17e315586457e6e
1439710a6007162647fd9f8d21d431e75d6d1228
da8c5155c3adce8b22a32d229916f7a7961982f0b71b58d755cd546aae80f1c3
Analyzer Verdict Alert fortinet Malware
GET /home/js/script.js HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: application/javascript
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1495
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
serving.stat-rock.com/player.js
95.217.58.251 200 OK 103 kB URL HTTP/2 serving.stat-rock.com/player.js
IP 95.217.58.251:0
ASN #24940 Hetzner Online GmbH
Size 103 kB (102994 bytes)
Hash 5d63deb5a58721bc9986caab4e9f6563
480534df6a497a488cd1d7e1d946de6019f4ddc1
4487e483ac631225f00e69893e73cc99fd69df6405e40cc2daa22fcfbf9ad971
GET /player.js HTTP/1.1
Host: serving.stat-rock.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.coinlib.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 05:29:12 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 09:00:42 GMT
vary: Accept-Encoding
etag: W/"63282fba-4dee2"
cache-control: public, max-age=600
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nystexchange.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:30:59 GMT
expires: Thu, 21 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 467893
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/gold-animation-icon-1.png
198.187.31.159 200 OK 66 kB URL HTTP/2 www.nystexchange.com/home/images/gold-animation-icon-1.png
IP 198.187.31.159:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash c4363d6b846ea789143365ff404d72bc
41517734a69fd53cea6f4578c0a74f71e7d069c2
531766466faf1d49ea20029497d4417f7ac9493c6d3c4f08dad97024de54fc91
GET /home/images/gold-animation-icon-1.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 65757
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/team-12.jpg
198.187.31.159 200 OK 91 kB URL HTTP/2 www.nystexchange.com/home/images/team-12.jpg
IP 198.187.31.159:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 350x365, components 3\012- data
Hash 84207cfc5cf85f8c7e72e9b60017ed28
5f8e42ca2236a6c11ecbe5e8aa4763930655854c
a6bfa0c32aae8739e3b4cbf5131838ed08093f84ef9de3ffda2c492d42d512b4
GET /home/images/team-12.jpg HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/jpeg
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 90702
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/team-11.jpg
198.187.31.159 200 OK 90 kB URL HTTP/2 www.nystexchange.com/home/images/team-11.jpg
IP 198.187.31.159:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 350x365, components 3\012- data
Hash 9a4927ed558af35c2be76a99d4b7f2c5
74fc0cbd2e17fa5540cd687ec86cab5061fb2076
840e43c4b447083cb41926cecbf59cd33273ad572ecb6e2af648efdcce669313
GET /home/images/team-11.jpg HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/jpeg
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 90456
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/team-10.jpg
198.187.31.159 200 OK 80 kB URL HTTP/2 www.nystexchange.com/home/images/team-10.jpg
IP 198.187.31.159:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 350x365, components 3\012- data
Hash 2e2d72a0e2d3e6ec2fe5c321caa7d164
2e5453b2675a951ee05bf007a9e7e0ebd1aae1bf
508818a4a9f309cf91e8f516e0d55f05521119d1187173f4f04f26cd9f0e22f6
GET /home/images/team-10.jpg HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/jpeg
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 80080
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/team-9.jpg
198.187.31.159 200 OK 89 kB URL HTTP/2 www.nystexchange.com/home/images/team-9.jpg
IP 198.187.31.159:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 350x365, components 3\012- data
Hash 92d0493bbded26d01bab7843b970f6ad
19d11f35c6c1754a5a52b285819f197ce97190ba
7a330f5ce61b81f15764d2bc2582be6cf8b91634f5b2f9a30837e17664c389a5
GET /home/images/team-9.jpg HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/jpeg
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 89141
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/1.png
198.187.31.159 200 OK 166 kB URL HTTP/2 www.nystexchange.com/home/images/1.png
IP 198.187.31.159:0
File type PNG image data, 1000 x 707, 8-bit/color RGBA, non-interlaced\012- data
Size 166 kB (165768 bytes)
Hash 5f24ac3c239f21d93b3f56840c1d6fec
130fa92586dd76f417b3ccd37f55707f53fcf4b2
afe8fa439e9fe20206ee2e1ffe2c8de247d8c196e7cb584332a3197b029c0e6f
GET /home/images/1.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Sat, 13 Aug 2022 17:41:39 GMT
accept-ranges: bytes
content-length: 165768
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
widget-v4.tidiochat.com//tururu.mp3
104.26.8.139 206 Partial Content 22 kB URL HTTP/2 widget-v4.tidiochat.com//tururu.mp3
IP 104.26.8.139:0
Hash 5610c1dd3552588985449dd7148019f6
7bc66485f3ea11ab771e9bd4d0aeb2cb64f6d5a5
0eb519cc89d8d9838d620bbf5d2341506f0cae9ef4fe2610fbd2cba8b127d4e7
GET //tururu.mp3 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Tue, 27 Sep 2022 05:29:13 GMT
content-type: audio/mpeg
content-length: 7224
last-modified: Tue, 13 Sep 2022 07:44:17 GMT
etag: "632034d1-1c38"
expires: Thu, 29 Sep 2022 02:08:19 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1048854
content-range: bytes 0-7223/7224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4IzqcbGaHnqe3gfGEJutgsv9qZOLQJ4Cex4tg%2BzZSAqp%2BA%2Bq94aLY8S3TP0pF16eRXPvqKsYGfcVapCAa%2Ftb1XMVUcHfWOLmGSuTpa23N5eSiUbAsMEbSw7lP0bso6cNveHok1y1UXr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7511d721aa9cb4eb-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 132 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
Size 132 kB (132342 bytes)
Hash f32d095bf7ba1b25867f547d9350b7ca
f14f4ee28f15d466d7d4283a641e01e43593ab41
47357aead7e591eac2ec4f8af8c0856ed5026271a920c163b3b29b760c075351
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://widget.coinlib.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 04:41:09 GMT
expires: Tue, 27 Sep 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 2884
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans:400,700
142.250.74.10 200 OK 25 kB URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans:400,700
IP 142.250.74.10:0
Hash 8767cf46952fa93202c880134d00fd45
f5909778f5d0a02ef869aec324a7bd6c5c8efbb4
821e28efda26efe9aa89071c4ae399fdcb03581e683e6540a20dc92b7317e3b0
GET /css?family=PT+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 05:29:11 GMT
date: Tue, 27 Sep 2022 05:29:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/earth-icon-1.png
198.187.31.159 200 OK 2.3 kB URL HTTP/2 www.nystexchange.com/home/images/earth-icon-1.png
IP 198.187.31.159:0
File type PNG image data, 28 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash e2e9163eb79745e50377239d80fc48bb
d832feb760be50e6d0a9ce1565700601e874160d
6225dabd559787aa32c1cb0ae66dc461945d94f9f662e3bf2bc1726f84de77eb
GET /home/images/earth-icon-1.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 2260
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/banner-6.jpg
198.187.31.159 200 OK 72 kB URL HTTP/2 www.nystexchange.com/home/images/banner-6.jpg
IP 198.187.31.159:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x971, components 3\012- data
Hash dc29b512d80c09611c6e8ba223b8389f
ea079bacaf062c107b8633ff76c96b82dda3f5fc
2b358f5ed69758d36404d8a1cfd2fb7f0558a7d34f39a9e8493f03516b37b5aa
GET /home/images/banner-6.jpg HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/jpeg
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 71504
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/earth-icon-2.png
198.187.31.159 200 OK 2.4 kB URL HTTP/2 www.nystexchange.com/home/images/earth-icon-2.png
IP 198.187.31.159:0
File type PNG image data, 21 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 7d0ecc58ffaaadb016fed15e6c891638
f9efcef6842961719613f6ef250de0729b637ecb
f3d22b87372b4e7c09a07ecaac376c1284c653b868af9834cf68502f4c7f9dec
GET /home/images/earth-icon-2.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 2358
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/earth-icon-3.png
198.187.31.159 200 OK 2.3 kB URL HTTP/2 www.nystexchange.com/home/images/earth-icon-3.png
IP 198.187.31.159:0
File type PNG image data, 34 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash a11dad755c87aa7728b1057aabc33f63
561050af0fe97dbfb60e8fbebf900a6a8582c01b
9b3fb0b693ec3ac8638f880a93be234d2228fccb223489d771388912f6e972b1
GET /home/images/earth-icon-3.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 2276
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/earth-icon-5.png
198.187.31.159 200 OK 2.3 kB URL HTTP/2 www.nystexchange.com/home/images/earth-icon-5.png
IP 198.187.31.159:0
File type PNG image data, 26 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash e64d3b405a5f2536da600563df7efdb1
f736bfc88b19b256331e446ab7c2239af3a24a4c
473f7cd0cee713d18233a71964eecbbc53f8265fbc5b8db0dd67fcddca9264f2
GET /home/images/earth-icon-5.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 2301
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/earth-icon-6.png
198.187.31.159 200 OK 1.4 kB URL HTTP/2 www.nystexchange.com/home/images/earth-icon-6.png
IP 198.187.31.159:0
File type PNG image data, 16 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c1cd951a51b1a6778d62cf39b8b590a
3271c71485d0e11e7fe4f4ec821b1a01efcff019
d99a1835d691999830cefdaa6e9b1ed76147dae6e8b4f4f849b63f8aa74e7468
GET /home/images/earth-icon-6.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 1429
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/earth-icon-4.png
198.187.31.159 200 OK 1.9 kB URL HTTP/2 www.nystexchange.com/home/images/earth-icon-4.png
IP 198.187.31.159:0
File type PNG image data, 25 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash a7e592347a527bde5c549190f04f1e1c
56cc4e17bae18fc8b777b2e765b56950b94a4897
404b3fa4765a925718b80049ec2dbe175f5c8e9cdd6cfde8720cee4b4a7676cf
GET /home/images/earth-icon-4.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 1898
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/gold-animation-icon.png
198.187.31.159 200 OK 58 kB URL HTTP/2 www.nystexchange.com/home/images/gold-animation-icon.png
IP 198.187.31.159:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash b8d5394e7884490481e44f0571cadca0
2414ca9993e37b110fa4fbf9d8f227e47548b8d3
efa0f2643c58cb09fc72eb739e1a208b9684206ca4e331939f4b49c98fced31f
GET /home/images/gold-animation-icon.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 58395
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
widget-ws.coinlib.io/socket.io/?EIO=4&transport=websocket&sid=bAFhAxFpxbWuJIKhIv0z
188.114.96.1 101 Switching Protocols 0 B URL HTTP/1.1 widget-ws.coinlib.io/socket.io/?EIO=4&transport=websocket&sid=bAFhAxFpxbWuJIKhIv0z
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=4&transport=websocket&sid=bAFhAxFpxbWuJIKhIv0z HTTP/1.1
Host: widget-ws.coinlib.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://widget.coinlib.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WAl5l+72/U+13rh/Dqsu2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 05:29:14 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YeTha0YOW9rdhEeCBC7lCdNQrRs=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FsRvY8VKnSaaZ2ZEDy1p63YrMr%2F8gGSgZYPUXiasaEQVOejPCxC2MmFCPO6pgDnl821DUHe%2Frpnp6Hlpv4B7zQdReL0vHHuJwU64MIO70xfEQIzHW7w2oAe9zci%2BDrt663aRMN0gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511d72b6a65b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget-ws.coinlib.io/socket.io/?EIO=4&transport=websocket&sid=jEP7frTSpoF_SC4tIv02
188.114.96.1 101 Switching Protocols 6 B URL HTTP/1.1 widget-ws.coinlib.io/socket.io/?EIO=4&transport=websocket&sid=jEP7frTSpoF_SC4tIv02
IP 188.114.96.1:0
Hash 1e02d0e82447e64c81ed1418dd55eabb
60c46003f53fd72f4108baaadc72973271da3df7
62cc547570511553b6491c61b8c2ef627e91bf9d9b6337f0baefc88955786530
GET /socket.io/?EIO=4&transport=websocket&sid=jEP7frTSpoF_SC4tIv02 HTTP/1.1
Host: widget-ws.coinlib.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://widget.coinlib.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7RmqNTb6iLplt5i+4oP1Fw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 05:29:14 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HDja2ZiOIXAneMVzfln4R73BDvU=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiPFdJ9rxjcxlXaJ5srijRCLwgNu4R4geVY4L0yOI2AbueCJVP1VE8ZiefzogkGHFacrl%2FgOLaxD7xe4eQWsKdEueWNW5mvJ6gscawy5gBChd1CZrVY6%2BCn6EOW46L0XlLYarI2AHw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7511d72c1fed0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.nystexchange.com/home/fonts/fa-brands-400.woff2
198.187.31.159 200 OK 64 kB URL HTTP/2 www.nystexchange.com/home/fonts/fa-brands-400.woff2
IP 198.187.31.159:0
File type Web Open Font Format (Version 2), TrueType, length 64144, version 1.0\012- data
Hash 6814d0e8136d34e313623eb7129d538e
d902f8db3e021155f177f698a252fb98d6e61768
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
Analyzer Verdict Alert fortinet Malware
GET /home/fonts/fa-brands-400.woff2 HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/fontawesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: font/woff2
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 64144
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/fonts/fa-solid-900.woff2
198.187.31.159 200 OK 62 kB URL HTTP/2 www.nystexchange.com/home/fonts/fa-solid-900.woff2
IP 198.187.31.159:0
File type Web Open Font Format (Version 2), TrueType, length 62472, version 1.0\012- data
Hash b75b4bfe0d58faeced5006c785eaae23
92da6e3c7121e21cdfde25ef08797a3937a683e1
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
Analyzer Verdict Alert fortinet Malware
GET /home/fonts/fa-solid-900.woff2 HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/fontawesome.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: font/woff2
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 62472
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
code.tidio.co/lgemrmr8yntzm36r2qocs92buucmn5g9.js
172.67.72.223 302 Found 146 kB URL HTTP/2 code.tidio.co/lgemrmr8yntzm36r2qocs92buucmn5g9.js
IP 172.67.72.223:0
Size 146 kB (145656 bytes)
Hash 44556aa273aec37d703e65a816acc7d9
f122894c3cc93d329fa7218bfd54e96bb5adfa76
8419e15ccf2dc32e80e11dbff0b3f61bfc5de05c54437718186d32de4c8f80be
GET /lgemrmr8yntzm36r2qocs92buucmn5g9.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 27 Sep 2022 05:29:11 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_114_0/static/js/render.64874ea49214d2736b46.js
cache-control: private, no-cache, no-store, must-revalidate
widget-cache-status: HIT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmTs9103AS0oIDc8lUrLVldRv9ntwkhRBKYPifanezYxU36GeV4aHMVLsdqprQKBjXYlIyBwlHo%2BtOsJ2enx2Q%2BYWgXC7SghWj0Xl8rquooeQkipVYzFDHGmjnohElg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7511d7145caeb500-OSL
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/question-img-rev.html
198.187.31.159 200 OK 432 B URL HTTP/2 www.nystexchange.com/home/images/question-img-rev.html
IP 198.187.31.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4288920b8e93de65727288e8609343d
2bf13ab51df6087576c7ccf325552749866e66f1
b090b937d870e9f0842f80cd4a7f5561551c73afabfcb437a7d1b211b2f7f23c
Analyzer Verdict Alert fortinet Malware
GET /home/images/question-img-rev.html HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 13 Aug 2022 16:56:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 432
date: Tue, 27 Sep 2022 05:29:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/question-img.html
198.187.31.159 200 OK 432 B URL HTTP/2 www.nystexchange.com/home/images/question-img.html
IP 198.187.31.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e4288920b8e93de65727288e8609343d
2bf13ab51df6087576c7ccf325552749866e66f1
b090b937d870e9f0842f80cd4a7f5561551c73afabfcb437a7d1b211b2f7f23c
Analyzer Verdict Alert fortinet Malware
GET /home/images/question-img.html HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 13 Aug 2022 16:56:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 432
date: Tue, 27 Sep 2022 05:29:13 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ae09697649b2860f5a2b56db9843e25a
e9de43ae1696afbbf27999ffd68c6c78aeff4299
9ad563044460ecb97bfba94a35c90c0b13802728a9e386dde51c8bd8ff88328f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 05:29:15 GMT
Last-Modified: Tue, 27 Sep 2022 04:29:50 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 57OBCHTk77AvHBoU-4Kl7bpwSHvGCJeDD92JGBOu91Wgb3zX2w7VXQ==
Age: 3565
socket.tidio.co/socket.io/?ppk=lgemrmr8yntzm36r2qocs92buucmn5g9&device=desktop&EIO=3&transport=websocket
52.49.206.127 101 Switching Protocols 0 B URL HTTP/1.1 socket.tidio.co/socket.io/?ppk=lgemrmr8yntzm36r2qocs92buucmn5g9&device=desktop&EIO=3&transport=websocket
IP 52.49.206.127:0
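Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of this 101 response; they identify no content and should not be used as indicators.)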
GET /socket.io/?ppk=lgemrmr8yntzm36r2qocs92buucmn5g9&device=desktop&EIO=3&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.nystexchange.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dUUKZQA33lYq/sxRFrL6Ug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 27 Sep 2022 05:29:15 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zFLRIQucdxqprxxG+rLrLhvtNLQ=
Sec-WebSocket-Extensions: permessage-deflate
www.nystexchange.com/home/images/mercury-earth.png
198.187.31.159 200 OK 150 kB URL HTTP/2 www.nystexchange.com/home/images/mercury-earth.png
IP 198.187.31.159:0
File type PNG image data, 430 x 430, 8-bit/color RGBA, non-interlaced\012- data
Size 150 kB (150007 bytes)
Hash dd2c05c3e568d29d7bb7235a994c8640
ccd8fa278dfa0f675060cd3d7b8e85e1ab6156a0
c8475cd78641be5f8131f7206d80884950544feeb7c76d7734efa92c36144065
GET /home/images/mercury-earth.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 150007
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 71265a0c6851c7a8b791cad4aa3db788
7ff19cc491bb3b6207818100171cc99932510040
2ce831555f110600647e1a8256cf62728fe0253067c5210ae30b1d4b376833e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3325
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 05:29:16 GMT
Last-Modified: Tue, 27 Sep 2022 04:33:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
23.111.9.57 200 OK 1.8 kB URL HTTP/2 twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
IP 23.111.9.57:0
File type gzip compressed data, max compression\012- data
Hash 701c2cfc025df651eb61904396f780de
36c833c0d5a049d08e575ac087d5e80492a0e0e5
0f8b7c73fed43a274a2514cd02c466a1935f045f3e1de808d82ea3f91a8af530
GET /v/13.0.1/72x72/1f44b.png HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 05:29:16 GMT
content-type: image/png
content-length: 1285
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:17 GMT
access-control-allow-origin: *
etag: "62451ee1-505"
expires: Thu, 27 Oct 2022 05:29:16 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 080A:ADCD:1984B7C:1A59E20:632D95C1
vary: Accept-Encoding
x-fastly-request-id: e7de65f21a7c001acfc206d3a5bb82af2db56e91
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/mercury-iphone-img.png
198.187.31.159 200 OK 490 kB URL HTTP/2 www.nystexchange.com/home/images/mercury-iphone-img.png
IP 198.187.31.159:0
File type PNG image data, 1080 x 1967, 8-bit/color RGBA, non-interlaced\012- data
Size 490 kB (489995 bytes)
Hash 0c52d52f1b82bf3fa0ed5744414ffb81
d707ff4d10151e06ad51eac76d1c5bef5e9c76bc
32aa1725cb7e4ea744b5ec3d54f06067cb746d76db7a4f81b0fb5a954ef8fc1f
GET /home/images/mercury-iphone-img.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:11 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 489995
date: Tue, 27 Sep 2022 05:29:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/favicon.png
198.187.31.159 200 OK 5.7 kB URL HTTP/2 www.nystexchange.com/home/images/favicon.png
IP 198.187.31.159:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b3d689ed3668c49ce499b7f5e3e94fd
d69a1a545558329780fb911b03ad00217ada00e6
bda41bf22e3662eec4447f4adff57bbc369838306ed1a564459884c1b0982dfa
GET /home/images/favicon.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:14 GMT
content-type: image/png
last-modified: Sat, 13 Aug 2022 17:17:25 GMT
accept-ranges: bytes
content-length: 5707
date: Tue, 27 Sep 2022 05:29:14 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
widget-v4.tidiochat.com//1_114_0/static/js/widget.64874ea49214d2736b46.js
104.26.8.139 200 OK 166 kB URL HTTP/2 widget-v4.tidiochat.com//1_114_0/static/js/widget.64874ea49214d2736b46.js
IP 104.26.8.139:0
File type ASCII text, with very long lines (65451)
Size 166 kB (165458 bytes)
Hash 6179375bb67184c752f04d466b3db92c
8dffd36ac4e2c799c266396e638124843104cd35
88c5428e97ed6c10e6e97463f769425807d65c89e12a75124b90df784fbd68a7
GET //1_114_0/static/js/widget.64874ea49214d2736b46.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 05:29:14 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-826dd"
cache-control: max-age=691200
cf-cache-status: HIT
age: 6167
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVvhdVIwV7XDqyTI9e15jJQTUQxOl3eHbCPJEjbi5zj19YQb2mAK4%2BWH8aNxdJ2lD6xojbJPbXdyyOv5nk6YtlNO8K9JyI9c4UEscnHxNEqRsYCcOSx%2FY3oSiCqg4entdsLIkXLb1Vci"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7511d72b5aa5b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/mercury-earth-map.png
198.187.31.159 200 OK 239 kB URL HTTP/2 www.nystexchange.com/home/images/mercury-earth-map.png
IP 198.187.31.159:0
File type PNG image data, 2508 x 1254, 8-bit/color RGBA, non-interlaced\012- data
Size 239 kB (239395 bytes)
Hash 0cb097ce37e44d4881bc14b88074cd4d
aa1f1ec42eee17cdf6c3051064c7e70007311b7e
1f0673271a92eb8f4fb8a173f7de46aafcff980b800cab18f4860bc916202754
GET /home/images/mercury-earth-map.png HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/png
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 239395
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.nystexchange.com/home/images/bg-1.jpg
198.187.31.159 200 OK 358 kB URL HTTP/2 www.nystexchange.com/home/images/bg-1.jpg
IP 198.187.31.159:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x434, components 3\012- data
Size 358 kB (358516 bytes)
Hash 868e16cbe50830deea70551bbb9ddbcd
013bf7e2963b2e7f8d6c48a4b9b9186c9066f814
65cbf4e8d004e54499088659d549e0abcfbc3742a6bf8c0e3cfd407031c717b6
GET /home/images/bg-1.jpg HTTP/1.1
Host: www.nystexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/home/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 05:29:12 GMT
content-type: image/jpeg
last-modified: Tue, 07 Jun 2022 00:50:26 GMT
accept-ranges: bytes
content-length: 358516
date: Tue, 27 Sep 2022 05:29:12 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_114_0/static/js/chunk-WidgetIframe-64874ea49214d2736b46.js
104.26.8.139 200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com/1_114_0/static/js/chunk-WidgetIframe-64874ea49214d2736b46.js
IP 104.26.8.139:0
GET /1_114_0/static/js/chunk-WidgetIframe-64874ea49214d2736b46.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 05:29:13 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-5575e"
cache-control: max-age=691200
cf-cache-status: HIT
age: 6145
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNQiEPfF0DcS5pmG3E09PD%2BHUI%2F0UWNOZPeC4iqQFuK9tpmV6wE7qSQY7y85KQ0Wd034%2FTBk97R7GbuBBrMVyV7Qa8CcPMjnx9d%2BCmswKysL97nbV26B4TTUKZO3MmaE5PpZa%2BpkQVCk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7511d7218a7bb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
widget-ws.coinlib.io/socket.io/?EIO=4&transport=polling&t=ODzQwY1
188.114.96.1 200 OK 0 B URL HTTP/2 widget-ws.coinlib.io/socket.io/?EIO=4&transport=polling&t=ODzQwY1
IP 188.114.96.1:0
GET /socket.io/?EIO=4&transport=polling&t=ODzQwY1 HTTP/1.1
Host: widget-ws.coinlib.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widget.coinlib.io
Connection: keep-alive
Referer: https://widget.coinlib.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 05:29:13 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://widget.coinlib.io
access-control-allow-credentials: true
testing-boi: https://widget.coinlib.io
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW8N%2FuX%2FvGbytAQcLSZol1CIoEbxkek1113MumZmKwmtMfWWZYQSUSAawa%2BNv7c3W7E1T04G9zKankqqoUiJuvZZIpXhgAf3NC5EcWQiEYTl0peEGcX6TXPljJVH5M7DBFTOG2RYwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7511d720cedc0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget-ws.coinlib.io/socket.io/?EIO=4&transport=polling&t=ODzQwSg
188.114.96.1 200 OK 0 B URL HTTP/2 widget-ws.coinlib.io/socket.io/?EIO=4&transport=polling&t=ODzQwSg
IP 188.114.96.1:0
GET /socket.io/?EIO=4&transport=polling&t=ODzQwSg HTTP/1.1
Host: widget-ws.coinlib.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://widget.coinlib.io
Connection: keep-alive
Referer: https://widget.coinlib.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 05:29:12 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://widget.coinlib.io
access-control-allow-credentials: true
testing-boi: https://widget.coinlib.io
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bI0CsVcxKB%2FIKuVSlji6J4UDs1HshUW4EIWwxZGj03Dv566%2BR9Ui8Nu1CZnnCUFVm9bn%2F5RFLAVWXpvNmDDmYQtuBORipnYD5MJVxyYzrK2vxeyyPA8aj9FLTdxSeyjccf56A4FTyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7511d71f5dd10b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,800
IP 142.250.74.10:0
GET /css?family=Poppins:300,400,500,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nystexchange.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 05:29:11 GMT
date: Tue, 27 Sep 2022 05:29:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_114_0/static/js/render.64874ea49214d2736b46.js
104.26.8.139 200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com/1_114_0/static/js/render.64874ea49214d2736b46.js
IP 104.26.8.139:0
GET /1_114_0/static/js/render.64874ea49214d2736b46.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nystexchange.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 05:29:11 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-4311"
cache-control: max-age=691200
cf-cache-status: HIT
age: 6251
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RGJb2gHykw4Op8Swh6xyv99uzqEzQKWCRBUlY5XpA%2FmNC8ltho0htlMIhxE67Eoj9jxi7SrRtsoNsHbdMTyP4%2Ft7pl9U8X8x8mr8j7ixFi%2FRY04Fvb1hzGaWlh8%2Fb%2FsPKU6qGH3p0F%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7511d714efc9b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2