r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4575
Expires: Wed, 30 Nov 2022 11:03:12 GMT
Date: Wed, 30 Nov 2022 09:46:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6301
Cache-Control: max-age=95355
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:46:57 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 12:16:12 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6844
Expires: Wed, 30 Nov 2022 11:41:01 GMT
Date: Wed, 30 Nov 2022 09:46:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 09:18:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1737
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /bymtoG10OjeroF4kNyZyrnWFQx82ejEmMJqMldKIZsLmOGbX1aMT8Ni27go9AVZz4uIR+BxYRo=
x-amz-request-id: T99XMM6QM9Q4G1A5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 09:45:11 GMT
age: 106
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:46:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
66.235.200.146200 OK 2.8 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
IP 66.235.200.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (730), with CRLF line terminators
Hash 9a5157b8690b0b7d6ef44e838e612447
f329f2eba2a43782bb4a3b35988bc530d5f9f402
3f85eb9e5606c0bfff1f323abe3b0cb5f9b5f34edff7e07ec9f56863d237ce8f
Analyzer Verdict Alert fortinet Phishing
GET /grace/power/index.php?email=kts@kts-kuwait-tourism.com HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Last-Modified: Wed, 30 Nov 2022 09:46:57 GMT
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7722a8aa3a7fb527-OSL
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 09:11:14 GMT
cache-control: public,max-age=3600
age: 2143
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6301
Cache-Control: max-age=90291
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:46:58 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:51:49 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
cch.uiw.mybluehost.me/grace/power/program/js/common.min48d3.js?s=1587930608
66.235.200.146200 OK 5.3 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/program/js/common.min48d3.js?s=1587930608
IP 66.235.200.146:0
File type ASCII text, with very long lines (1376)
Hash 8c6ac07b830fad609ae8f6e72f35671e
5aa8c1cdd7dcd59257dde49d1b60ffab08e0fb0f
e90ffe41fadfab0bdf6a245e582d2af1ec4da76aee6af2104b34a8c10fa6e841
GET /grace/power/program/js/common.min48d3.js?s=1587930608 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:58 GMT
Content-Type: application/javascript
Content-Length: 5252
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7722a8ae7d94fac8-OSL
cch.uiw.mybluehost.me/grace/power/plugins/jqueryui/themes/elastic/jquery-ui83e0.css?s=1587930607
66.235.200.146200 OK 9.8 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/plugins/jqueryui/themes/elastic/jquery-ui83e0.css?s=1587930607
IP 66.235.200.146:0
File type ASCII text, with very long lines (2515)
Hash ab655ca7503383f7c1d37bc571e6df78
86b14afe0c62b9c06ede5b5604fc218fddb6849d
381d6b839c618d7f8d4d2ba60cf794df3c6d1f3a3a9bb6aaa93f1291e0a0d227
GET /grace/power/plugins/jqueryui/themes/elastic/jquery-ui83e0.css?s=1587930607 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:58 GMT
Content-Type: text/css
Content-Length: 9774
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7722a8ae7a9cb505-OSL
cch.uiw.mybluehost.me/grace/power/skins/elastic/deps/bootstrap.minf389.css?s=1587930641
66.235.200.146200 OK 35 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/skins/elastic/deps/bootstrap.minf389.css?s=1587930641
IP 66.235.200.146:0
File type ASCII text, with very long lines (65324)
Hash 6b2579ba261784fb43306947085ccd08
dd118b0ae3bf86a86b231a6edf14eef23368a34f
3e37acbacac4dff40c6f133cd198dd1f798fdeb7b640258341b8f32731a52950
GET /grace/power/skins/elastic/deps/bootstrap.minf389.css?s=1587930641 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:58 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7722a8ae7843b527-OSL
cch.uiw.mybluehost.me/grace/power/skins/elastic/styles/styles9ce7.css?s=1614399035
66.235.200.146200 OK 32 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/skins/elastic/styles/styles9ce7.css?s=1614399035
IP 66.235.200.146:0
File type ASCII text, with very long lines (2297), with CRLF line terminators
Hash d4f2a03009739653eac02c4b7cc2eba5
287832f719ccb3bee987a1094185f625095f9ed0
5f73bf9af6e9150ba600b7cd815b2e2b42e0be49755474e7814dfaf49a8e9c59
Analyzer Verdict Alert fortinet Phishing
GET /grace/power/skins/elastic/styles/styles9ce7.css?s=1614399035 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:58 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7722a8ae7b2b1c0e-OSL
push.services.mozilla.com/
35.161.26.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.26.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: k1snMLbXTW9+llCit3jRzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J39/NtxtdNtUjGIZbJuDWv3GY6Q=
i.gyazo.com/0a3fdd86ffe50044562b7a32d4ced6b8.png
104.18.36.4200 OK 2.7 kB URL HTTP/2 i.gyazo.com/0a3fdd86ffe50044562b7a32d4ced6b8.png
IP 104.18.36.4:0
File type PNG image data, 432 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a3fdd86ffe50044562b7a32d4ced6b8
7e4442bf0867bb6afa4b7838343f99fe45d86df5
daee414c5e668f3ceca0c4d266660ab655f9f27e8e2f4a7323c36e3e7d860c01
GET /0a3fdd86ffe50044562b7a32d4ced6b8.png HTTP/1.1
Host: i.gyazo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:46:58 GMT
content-type: image/png
content-length: 2687
cf-ray: 7722a8aed8deb506-OSL
accept-ranges: bytes
access-control-allow-origin: https://gyazo.com
cache-control: public, max-age=31536000
etag: "0a3f"
expires: Thu, 30 Nov 2023 09:46:58 GMT
set-cookie: Gyazo_cfwoker=i; Secure; HttpOnly; SameSite=None; Expires=Tue, 01 Jan 2030 00:00:00 GMT
vary: Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
access-control-allow-credentials: true
content-dpr: 1.000000
x-cache-level: ZS
server: cloudflare
X-Firefox-Spdy: h2
cch.uiw.mybluehost.me/grace/power/program/js/app.min48d3.js?s=1587930608
66.235.200.146200 OK 66 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/program/js/app.min48d3.js?s=1587930608
IP 66.235.200.146:0
File type ASCII text, with very long lines (690)
Hash 7b800a44c8f1710b517ae3b3e0d2fc9b
0965cb3e40c9cf49de8d341edd276454afc30ad0
fd3b1848f5e23aad570de23cf4fe722cb7d957c5434221ba4a62c88651be57b2
GET /grace/power/program/js/app.min48d3.js?s=1587930608 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7722a8ae89ecb524-OSL
cch.uiw.mybluehost.me/grace/power/program/js/jquery.min0a22.js?s=1587930636
66.235.200.146200 OK 40 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/program/js/jquery.min0a22.js?s=1587930636
IP 66.235.200.146:0
File type ASCII text, with very long lines (64001)
Hash 5407057214186860091671daf648b428
b5cd194babdde2ae9bfdafec1c377fd5b988a222
59bacd411c2981cb3bb3510878c58510001f675afe9034989a5cc45666bedb23
GET /grace/power/program/js/jquery.min0a22.js?s=1587930636 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7722a8ae7aaeb518-OSL
cch.uiw.mybluehost.me/grace/power/program/js/jstz.min0a22.js?s=1587930636
66.235.200.146200 OK 5.5 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/program/js/jstz.min0a22.js?s=1587930636
IP 66.235.200.146:0
File type ASCII text, with very long lines (12020)
Hash ad24892f11d070d815df17297216a755
45fd1880413f2e17e938c74b2c465483d3b6fff5
baab1d6d4c72b1677032e7b6716e9ca2fcf7a3c16276133eccc32b49d92520d1
Analyzer Verdict Alert fortinet Phishing
GET /grace/power/program/js/jstz.min0a22.js?s=1587930636 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:58 GMT
Content-Type: application/javascript
Content-Length: 5462
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 7722a8b1ff74fac8-OSL
cch.uiw.mybluehost.me/grace/power/skins/elastic/deps/bootstrap.bundle.minf389.js?s=1587930641
66.235.200.146200 OK 32 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/skins/elastic/deps/bootstrap.bundle.minf389.js?s=1587930641
IP 66.235.200.146:0
File type ASCII text, with very long lines (65297)
Hash 8fe6e6ab97986c64de6661d6bd359b31
eb315092b90f9f8b9e6791b3a4eb52de7b781c6c
30586818f3ac3f0d637253be20c75dca884cc1375d759280a61f00acc6c87188
GET /grace/power/skins/elastic/deps/bootstrap.bundle.minf389.js?s=1587930641 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7722a8b2fea9b527-OSL
cch.uiw.mybluehost.me/grace/power/skins/elastic/ui.min48d3.js?s=1587930608
66.235.200.146200 OK 26 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/skins/elastic/ui.min48d3.js?s=1587930608
IP 66.235.200.146:0
File type ASCII text, with very long lines (577)
Hash bcdd5f2c4f9bbb573c52e906c3086c58
1a9edc9455044f3dd954c5ae8b7fc25369a5d17e
4dd223534299cbb57274d3bc7a0bbe1039f458f23c2452553a7737b69e143167
Analyzer Verdict Alert fortinet Phishing
GET /grace/power/skins/elastic/ui.min48d3.js?s=1587930608 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7722a8b31f031c0e-OSL
cch.uiw.mybluehost.me/grace/power/plugins/jqueryui/js/jquery-ui.min83e0.js?s=1587930607
66.235.200.146200 OK 94 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/plugins/jqueryui/js/jquery-ui.min83e0.js?s=1587930607
IP 66.235.200.146:0
File type ASCII text, with very long lines (33303)
Hash 799e0ce41af5c2087686ed1b590af7c9
c2db5e6617492fed945a36e791fdcd5e16fdcf2b
297c6478c6bfdf7d3f5367a7c942bcfb7201eb858b13396251e3a5b4b7c6ef42
GET /grace/power/plugins/jqueryui/js/jquery-ui.min83e0.js?s=1587930607 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:46:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7722a8b20f3fb505-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10529
Expires: Wed, 30 Nov 2022 12:42:28 GMT
Date: Wed, 30 Nov 2022 09:46:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10529
Expires: Wed, 30 Nov 2022 12:42:28 GMT
Date: Wed, 30 Nov 2022 09:46:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10529
Expires: Wed, 30 Nov 2022 12:42:28 GMT
Date: Wed, 30 Nov 2022 09:46:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10529
Expires: Wed, 30 Nov 2022 12:42:28 GMT
Date: Wed, 30 Nov 2022 09:46:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:35:09 GMT
age: 40310
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 41893
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 43048
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ceb8e975fb408de32c43f55febaa6414
453067f6ab356aa87a3ad3b56e33545376597852
e0ecbb6052b4fef75f58da8dae589c81ab9ec9d304de08f26c144a2c3ce9eaac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4f88ec5-5875-45d1-bcd3-d997040d6d42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3719
x-amzn-requestid: 6fab3454-fedd-4a1e-ae47-468ddd6233bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaGQ4IAMFUkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-4b313cf054d6301e71cdc0c1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: phw8DXQgjOyH5g4gvbqgZk-2sHr2n9cHVr4lqqPXfXtyhG32gs2pIg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 42854
etag: "453067f6ab356aa87a3ad3b56e33545376597852"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 42634
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 42848
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cch.uiw.mybluehost.me/grace/power/skins/elastic/images/ZUOb1aa.png?s=1614400651
66.235.200.146200 OK 35 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/skins/elastic/images/ZUOb1aa.png?s=1614400651
IP 66.235.200.146:0
File type PNG image data, 400 x 320, 8-bit/color RGB, non-interlaced\012- data
Hash a0886eac2f960333704cf4a47240b51c
6ef244a059b2a0685f8b117541aaaba16efd4480
c25bdf9798bd89fdab33e37b4222f7ab946f169b1a9c3d8b858d8219feb3ae5f
Analyzer Verdict Alert fortinet Phishing
GET /grace/power/skins/elastic/images/ZUOb1aa.png?s=1614400651 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:47:00 GMT
Content-Type: image/png
Content-Length: 34781
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7722a8b88df4b524-OSL
cch.uiw.mybluehost.me/grace/power/skins/elastic/fonts/roboto-v19-regular.html
66.235.200.146200 OK 51 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/skins/elastic/fonts/roboto-v19-regular.html
IP 66.235.200.146:0
File type Web Open Font Format (Version 2), TrueType, length 51116, version 1.0\012- data
Hash 9549360090baf2eb8b25d3a9708fc19d
3229ae839d33696d39c89dc0d3e193fe985f1da4
a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f
Analyzer Verdict Alert fortinet Phishing
GET /grace/power/skins/elastic/fonts/roboto-v19-regular.html HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/skins/elastic/styles/styles9ce7.css?s=1614399035
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:47:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7722a8b91f9ab518-OSL
cch.uiw.mybluehost.me/grace/power/skins/elastic/fonts/fa-solid-900.html
66.235.200.146200 OK 75 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/skins/elastic/fonts/fa-solid-900.html
IP 66.235.200.146:0
File type Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data
Hash b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Analyzer Verdict Alert fortinet Phishing
GET /grace/power/skins/elastic/fonts/fa-solid-900.html HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/skins/elastic/styles/styles9ce7.css?s=1614399035
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:47:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 7722a8b94d021c0e-OSL
cch.uiw.mybluehost.me/grace/power/skins/elastic/images/body_bg.jpg
66.235.200.146200 OK 250 kB URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/skins/elastic/images/body_bg.jpg
IP 66.235.200.146:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 3023x1511, components 3\012- data
Size 250 kB (249634 bytes)
Hash 0604c8766da926d4c12204193690bf24
e8262f936ad2ab0b49256d2f0fc311d76141de33
b4102024d8edebc58d98e42f0eb508130cd67b302c9846a048c83a8de5a6b8df
GET /grace/power/skins/elastic/images/body_bg.jpg HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/skins/elastic/styles/styles9ce7.css?s=1614399035
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:47:00 GMT
Content-Type: image/jpeg
Content-Length: 249634
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7722a8b8ff86b505-OSL
cch.uiw.mybluehost.me/grace/power/skins/elastic/images/favicon48d3.ico?s=1587930608
66.235.200.146200 OK 626 B URL HTTP/1.1 cch.uiw.mybluehost.me/grace/power/skins/elastic/images/favicon48d3.ico?s=1587930608
IP 66.235.200.146:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Hash aaad328104b7df85105eff973832e8b2
eb3ec9f1b9837858a3b3df7d65f6752e53625f56
7f6c14203e209b46499084b77a37c8e8f0f44aba17e8ec73feecd0c5f2692d95
Analyzer Verdict Alert fortinet Phishing
GET /grace/power/skins/elastic/images/favicon48d3.ico?s=1587930608 HTTP/1.1
Host: cch.uiw.mybluehost.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cch.uiw.mybluehost.me/grace/power/index.php?email=kts@kts-kuwait-tourism.com
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 09:47:00 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 31 Oct 2022 21:11:32 GMT
Cache-Control: max-age=604800
Expires: Wed, 07 Dec 2022 09:47:00 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7722a8bfaa841c0e-OSL
Content-Encoding: gzip