r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 96defe1601ba891731eee83f0830649d
ba500679fd337488c3f60543561740ff0dfc1898
d2a320a9feb1a874af3da921db2a8619513968724ef8eb0715c010291c4cf8d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2A320A9FEB1A874AF3DA921DB2A8619513968724EF8EB0715C010291C4CF8D9"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9968
Expires: Mon, 26 Dec 2022 10:04:14 GMT
Date: Mon, 26 Dec 2022 07:18:06 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9cce060ddc316540d079e6816a1e7412
709a74969d1996d2b35ef0f7f34ae18455169f1e
6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4326
Expires: Mon, 26 Dec 2022 08:30:12 GMT
Date: Mon, 26 Dec 2022 07:18:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 26 Dec 2022 06:35:01 GMT
content-type: application/json
age: 2585
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
301 Moved Permanently 310 B URL HTTP/1.1 www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dbf85c367006c87d9d77a216ea22b8b6
19b401aa8c31120d5c4127df98d3ddd6151a932c
4fe2d107877ef6190020d323c1a3c0cb4dfc2963c47c1ed1ea2d67e8a8f733f7
Analyzer Verdict Alert fortinet Phishing
GET /uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Dec 2022 07:18:06 GMT
Server: Apache
Location: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Content-Length: 310
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6b1d63d9d906daa309dc263b4991bbe9
04680ddd86781d46dfe6a9671571b3ad1f3758f3
46fff7230b88de4cd81dfb0feb783d2dec27e49041f9257d2fb891030781bf6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FFF7230B88DE4CD81DFB0FEB783D2DEC27E49041F9257D2FB891030781BF6C"
Last-Modified: Fri, 23 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6637
Expires: Mon, 26 Dec 2022 09:08:43 GMT
Date: Mon, 26 Dec 2022 07:18:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7xkSEYfuR+3RUFwZBIujxeFQCWse8nRo53DflghHNev5hVJvv7nj02p1oXucbd8DrXWBfo9TFj8=
x-amz-request-id: HE45DS2YAF12FYEK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Dec 2022 06:57:20 GMT
age: 1246
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 07:18:06 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 26 Dec 2022 07:08:06 GMT
age: 600
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ee7d6e7f4a823e6b55ddcae4bd8383cb
0e66ccd49b06df920cfc8fabf8e955d0ef9db297
6670f0927ee54d9480ceba04811af176cfedbb1bca790117ce4403df29e8f0b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6670F0927EE54D9480CEBA04811AF176CFEDBB1BCA790117CE4403DF29E8F0B1"
Last-Modified: Sat, 24 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Mon, 26 Dec 2022 13:17:12 GMT
Date: Mon, 26 Dec 2022 07:18:06 GMT
Connection: keep-alive
www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
200 OK 3.4 kB URL HTTP/2 www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (563)
Hash 950f041b0dac392c66b8a0d9e5ce15df
682f70293f9af7e8c832ccd2b055b191a85bd9b2
2ef0ee86ea7b7958de413103e7e99f803930fa2a89c55a4ed4acce676e84bc44
Analyzer Verdict Alert fortinet Phishing
GET /uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
set-cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c; path=/
vary: Accept-Encoding
content-encoding: gzip
accept-ranges: none
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache, no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT, Wed, 11 Jan 1984 05:00:00 GMT
content-length: 3358
content-type: text/html; charset=UTF-8
date: Mon, 26 Dec 2022 07:18:06 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash bdc6ddd27a64c85bd15f78b39a79874c
965b8f1b763483b4b4dfe35526d27393d1fdf05c
d2f4dee4d920109e0751634731bea278c9ea9e6c0120ac07969eba74ddbfe615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6287
Cache-Control: max-age=99209
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 07:18:06 GMT
Etag: "63a812a8-1d7"
Expires: Tue, 27 Dec 2022 10:51:35 GMT
Last-Modified: Sun, 25 Dec 2022 09:06:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 278 B IP
Hash d64f61d94ba3c0f568960a6375f274e7
36b2c90c2f4330b64b2a8d3e209b785c554b6f02
41c506163f0df9b6b0b0df817c0857d4ee2a95bebdfd9536ee45a09dcb70ab27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5090
Cache-Control: max-age=90495
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 07:18:07 GMT
Etag: "63a7f54c-116"
Expires: Tue, 27 Dec 2022 08:26:22 GMT
Last-Modified: Sun, 25 Dec 2022 07:01:32 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash d64f61d94ba3c0f568960a6375f274e7
36b2c90c2f4330b64b2a8d3e209b785c554b6f02
41c506163f0df9b6b0b0df817c0857d4ee2a95bebdfd9536ee45a09dcb70ab27
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5090
Cache-Control: max-age=90495
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 07:18:07 GMT
Etag: "63a7f54c-116"
Expires: Tue, 27 Dec 2022 08:26:22 GMT
Last-Modified: Sun, 25 Dec 2022 07:01:32 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 279 B IP
Hash 68c4bcc8cffb2724729d50fc0f6e34ad
18c582032191ff03c2c6266341138b84853b3090
895c9bd5cf3d01f6e4870ec4f41b538b3f2568827ad37c626774a0aa8e5b5fd7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2469
Cache-Control: max-age=136085
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 07:18:07 GMT
Etag: "63a8b19f-117"
Expires: Tue, 27 Dec 2022 21:06:12 GMT
Last-Modified: Sun, 25 Dec 2022 20:25:03 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
200 OK 6.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP
File type ASCII text, with very long lines (19015)
Hash 7b4114faa411d059a9a5ac4b5b4d9dee
277da4486916fa3a4ab3375f47bc98f58dbf90f6
60b3528de2f7d48cbb335d19dddef756aaacc70f73d4254a2ef17978a14ca0d9
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.weworkkuwait.com
Connection: keep-alive
Referer: https://www.weworkkuwait.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 07:18:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3851630
expires: Sat, 16 Dec 2023 07:18:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5Qmzk2FEFwnhpBYvOsERnNmFceuZvzAAKBwf5FG%2F%2FPFrRUkXo4M6MXx56%2BFfPEuMIGfQXoLAyG0CzM9kVLiR%2FNsJ5su1UpnkCZXGuNXphvDJ3X8Z%2FR0f2iW4btYA4riL2IZn74F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77f80a662829b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 68c4bcc8cffb2724729d50fc0f6e34ad
18c582032191ff03c2c6266341138b84853b3090
895c9bd5cf3d01f6e4870ec4f41b538b3f2568827ad37c626774a0aa8e5b5fd7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2798
Cache-Control: max-age=136414
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 07:18:07 GMT
Etag: "63a8b19f-117"
Expires: Tue, 27 Dec 2022 21:11:41 GMT
Last-Modified: Sun, 25 Dec 2022 20:25:03 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 244625692c693282c5ccf7a20e38a8ce
80572a9b2940cca7b170deb1b1512a338a212ca5
ae455f885ab9db294e2b4e7eb8d050f2f1a1ea61d288cce292613360b6ab6a9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3649
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 07:18:07 GMT
Last-Modified: Mon, 26 Dec 2022 06:17:18 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ajax.aspnetcdn.com/ajax/jquery/jquery-1.10.2.min.js
200 OK 42 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jquery/jquery-1.10.2.min.js
IP
File type ASCII text, with very long lines (32072)
Hash 54998ffa3c6e8385b98b3c6495644f92
e49357ddbe3491d9d0c8e83783b525cbd0d0f420
e475f0b97f212acf9e817003d9f8813ae08c8f484207d05faf152246f5d062be
GET /ajax/jquery/jquery-1.10.2.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 16428325
cache-control: public,max-age=31536000
content-type: application/javascript
date: Mon, 26 Dec 2022 07:18:07 GMT
etag: "f168924cc33d21:0"
last-modified: Mon, 31 Oct 2016 23:10:49 GMT
server: ECAcc (ska/F79E)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 41705
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
200 OK 14 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (48664)
Hash 85c516cedb23c59c9a1d077af8cb85f2
69c321bfa828ffdd154766ae881362e47f8daaf6
1b1484af8d31959ff79443d9771fd13a285da9b44a01c6b3908e41d60bea8301
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.weworkkuwait.com
Connection: keep-alive
Referer: https://www.weworkkuwait.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 07:18:07 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7fc7be9a9286ca8525f468095b277d78
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77f80a662aa0b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.weworkkuwait.com/assets/developers/css/proj.css
200 OK 1.7 kB URL HTTP/2 www.weworkkuwait.com/assets/developers/css/proj.css
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash bfd79d9502ec5c396e29522fed09360c
7fcf66787cef49dd20e4c9130a2a3dda0fa2c403
008d6843c0fc92c71bc5484f750580041c99c90043ca01a3806e99642acde49c
GET /assets/developers/css/proj.css HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 12:59:38 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
content-length: 1744
content-type: text/css
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bFW/WCtXe6zB/vHaG8BnKg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hYPd0jViLs0gN0WB4eHk0guegxM=
www.weworkkuwait.com/assets/designer/themes/default/images/logo.png
200 OK 14 kB URL HTTP/2 www.weworkkuwait.com/assets/designer/themes/default/images/logo.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 234 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash c5f2a4dd169d7cace118c99669bd6ac9
b18b7cf37183d469d85827915f2d95dbf3eff07b
1465c6f08c8eb6939edca5d589b6eeb8bd2f1bc091873f47fe44ada20f219618
GET /assets/designer/themes/default/images/logo.png HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Mar 2019 17:48:14 GMT
accept-ranges: bytes
content-length: 13904
content-type: image/png
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 244625692c693282c5ccf7a20e38a8ce
80572a9b2940cca7b170deb1b1512a338a212ca5
ae455f885ab9db294e2b4e7eb8d050f2f1a1ea61d288cce292613360b6ab6a9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3649
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 07:18:07 GMT
Last-Modified: Mon, 26 Dec 2022 06:17:18 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
www.weworkkuwait.com/assets/designer/themes/default/images/ft-logo.png
200 OK 7.1 kB URL HTTP/2 www.weworkkuwait.com/assets/designer/themes/default/images/ft-logo.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 233 x 77, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f2703f09ca4693fa20c91f93ca3f5a6
a083241ba22c8a25ee2e1f7bac86d1b94bdf6675
1e851138d8199db8affe98960a2302dd06e9b3bb16c1560cca312f20d290e853
GET /assets/designer/themes/default/images/ft-logo.png HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Mar 2019 17:48:32 GMT
accept-ranges: bytes
content-length: 7109
content-type: image/png
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
www.weworkkuwait.com/assets/developers/js/common.js
200 OK 2.5 kB URL HTTP/2 www.weworkkuwait.com/assets/developers/js/common.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 3a7bbf54e0e0b5bb68ce30644d51d8f9
ac70cc204d91b974330879394dc455846ce8fdef
6e1a0cc620587a569a9e43c3371d8a131f3fbc7995bba3561e8a4c6a5d5ba5b9
Analyzer Verdict Alert fortinet Phishing
GET /assets/developers/js/common.js HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 12:59:40 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
content-length: 2492
content-type: application/javascript
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
www.weworkkuwait.com/assets/designer/themes/default/css/conditional_dsr.css
200 OK 14 kB URL HTTP/2 www.weworkkuwait.com/assets/designer/themes/default/css/conditional_dsr.css
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (14065)
Hash e9be56d94c74d296f6197bac1daab6ed
fb6ebc9a5cda293e7b14902981c452cb11f4f01a
5378a0a98afc798a83a80eea0cca237cc3e2dfbd4791fd9a41e540f3bcc29e0d
GET /assets/designer/themes/default/css/conditional_dsr.css HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 19 Jun 2019 10:37:38 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
content-length: 14493
content-type: text/css
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
www.weworkkuwait.com/assets/designer/themes/default/images/404.jpg
200 OK 62 kB URL HTTP/2 www.weworkkuwait.com/assets/designer/themes/default/images/404.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 713x270, components 3\012- data
Hash 1bef9443fc8e034ce19f2d2bcb978853
55b5a2f9c009181beccde007568f4d09f3951e0f
1cd44cef94e55c891d2cb3505fcf0fc54507747da626e6e2cf4e0aa910693664
GET /assets/designer/themes/default/images/404.jpg HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Mar 2019 17:48:14 GMT
accept-ranges: bytes
content-length: 61846
content-type: image/jpeg
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
www.weworkkuwait.com/assets/designer/themes/default/images/inner-banner.jpg
200 OK 177 kB URL HTTP/2 www.weworkkuwait.com/assets/designer/themes/default/images/inner-banner.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x300, components 3\012- data
Size 177 kB (177133 bytes)
Hash 68b5f4dbc42919aa87909df3b259d2a3
b9c30c7be387d4b70cd1c00cc6ff5f228468769e
9e0868fa9322ec9529cf2d82ffee9784ca2cda1f9daebe13ebfe5b8e657f9fb7
GET /assets/designer/themes/default/images/inner-banner.jpg HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Mar 2019 17:48:22 GMT
accept-ranges: bytes
content-length: 177133
content-type: image/jpeg
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
www.weworkkuwait.com/assets/designer/resources/Scripts/script.int.dg.js
200 OK 1.0 kB URL HTTP/2 www.weworkkuwait.com/assets/designer/resources/Scripts/script.int.dg.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (453), with CRLF line terminators
Hash b20b412d43f4b53e2e933c2bb2c0a10b
3314f4c6f59b5d7fe3e9f2ab523fac730d2f0a11
bf9f258d39ec23db0d12fc06f8e364ef1b4ba810c4a5508f46625ffcb46ff3e3
Analyzer Verdict Alert fortinet Phishing
GET /assets/designer/resources/Scripts/script.int.dg.js HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 30 Apr 2019 18:45:12 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
content-length: 1027
content-type: application/javascript
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
200 OK 24 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65325)
Hash afdb40d405c1375a1566470ce98ac12b
2e901cb47df42e26adc5a1185e87f38aa5a950d8
d26b4b7fa1fbc72a1b5161ca4f4486926ae75158928ccbfc5e431dc0adb65d57
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.weworkkuwait.com
Connection: keep-alive
Referer: https://www.weworkkuwait.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 07:18:07 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 54306cd866fa2a04fb50521ad160323f
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77f80a661a92b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.weworkkuwait.com/assets/designer/themes/default/images/top.png
200 OK 1.8 kB URL HTTP/2 www.weworkkuwait.com/assets/designer/themes/default/images/top.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 103 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash e140ca4c23d290a2951a6f3e00a9a3e6
5202f346d54fac5ceebf10ee36031374fdcf9f45
405a30b3dd52a2b9700f3cd8879909ff301567cb9f586e509fed64575c8b5490
GET /assets/designer/themes/default/images/top.png HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/assets/designer/themes/default/css/conditional_dsr.css
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Mar 2019 17:48:28 GMT
accept-ranges: bytes
content-length: 1783
content-type: image/png
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
www.weworkkuwait.com/assets/designer/resources/Scripts/jquery.easy-autocomplete.min.js
200 OK 5.8 kB URL HTTP/2 www.weworkkuwait.com/assets/designer/resources/Scripts/jquery.easy-autocomplete.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (15653), with CRLF line terminators
Hash e93978be8b11218e581d818f4e3836ed
3414b6abecbed18498d556f1e08bd00141fc7a43
60c1049f8d5679d2edc843170b2778a61761ba4720872c501e96735eaf2fad41
Analyzer Verdict Alert fortinet Phishing
GET /assets/designer/resources/Scripts/jquery.easy-autocomplete.min.js HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Mar 2019 17:48:06 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
content-length: 5838
content-type: application/javascript
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
seal.starfieldtech.com/getSeal?sealID=v2eC1aOarG7RIAhMQtfwiCVDVojiyGlto8IvZ9C9qzchNTkTR3j5EWIMwvy0
204 No Content 0 B URL HTTP/1.1 seal.starfieldtech.com/getSeal?sealID=v2eC1aOarG7RIAhMQtfwiCVDVojiyGlto8IvZ9C9qzchNTkTR3j5EWIMwvy0
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getSeal?sealID=v2eC1aOarG7RIAhMQtfwiCVDVojiyGlto8IvZ9C9qzchNTkTR3j5EWIMwvy0 HTTP/1.1
Host: seal.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Mon, 26 Dec 2022 07:18:07 GMT
Server: Apache
use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2
200 OK 61 kB URL HTTP/2 use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 61336, version 1.0\012- data
Hash 3654744dc6d6c37c9b3582b57622df5e
0ec12ea1707f5bc812b627f41cccad2aff01e54b
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
GET /releases/v5.0.13/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.weworkkuwait.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Dec 2022 07:18:07 GMT
content-type: font/woff2
content-length: 61336
x-amz-id-2: cmJ/Qw3ezFAkHzqafszwKR66he7H1IBPt3LgXY3ZYaROUvAaW3F7zRovDKNMSGlmr5spKtkwlN4=
x-amz-request-id: RM1D02QCXN42C6YF
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:27:47 GMT
etag: "3654744dc6d6c37c9b3582b57622df5e"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLK0zpxiFWCfm8ldwvz%2Fth70wToYWCpKF7HbO7PUwQQLfmLFrwYm6U2wDM7w40hrV0AqpaRvECmL7ytjTlSMdGwacIdYsXAjkJZstyXsvsKF6j9eXGSZiTF%2FPGDbQJc3gXj%2BU2MZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f80a691acb24f2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.weworkkuwait.com/fav.ico
200 OK 5.4 kB URL HTTP/2 www.weworkkuwait.com/fav.ico
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Hash fa4ec210d4fdc61a4776fc2f2403402a
a2876dd386efa8fddc11d799125d26617aebc647
df2421834064a7028ad23cb043bec6adfa5dbee57658664fda05e0bb9ee865c9
Analyzer Verdict Alert fortinet Phishing
GET /fav.ico HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 18 Dec 2018 12:59:20 GMT
accept-ranges: bytes
content-length: 5430
cache-control: max-age=604800
expires: Mon, 02 Jan 2023 07:18:08 GMT
content-type: image/x-icon
date: Mon, 26 Dec 2022 07:18:08 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4536
Expires: Mon, 26 Dec 2022 08:33:44 GMT
Date: Mon, 26 Dec 2022 07:18:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4536
Expires: Mon, 26 Dec 2022 08:33:44 GMT
Date: Mon, 26 Dec 2022 07:18:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4536
Expires: Mon, 26 Dec 2022 08:33:44 GMT
Date: Mon, 26 Dec 2022 07:18:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4536
Expires: Mon, 26 Dec 2022 08:33:44 GMT
Date: Mon, 26 Dec 2022 07:18:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4536
Expires: Mon, 26 Dec 2022 08:33:44 GMT
Date: Mon, 26 Dec 2022 07:18:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0de44af9-689c-433b-9291-b5e6c980e352.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0de44af9-689c-433b-9291-b5e6c980e352.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba61b2beeb64bfb5c38d0c7fd7c82a32
6bdbfc5daa929523a27de45683928e742431d537
573288644cb5ec3f13d0d19b84dd1dabe7cb834ba87704593af63dbd5b9d4f07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0de44af9-689c-433b-9291-b5e6c980e352.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10094
x-amzn-requestid: 6937578a-43e6-4c68-a953-5f457b3f70e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNbuEXioAMFV8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2b1-09b3de421c367dbd09f8cf7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QMPD3U33gWb-LUXYnu6kfmGPFtst_gao0dNc1dvvsliZkTOyCO11tw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:06:44 GMT
age: 33084
etag: "6bdbfc5daa929523a27de45683928e742431d537"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7dbee83-176a-4fa9-a42c-2a2c9db4001b.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7dbee83-176a-4fa9-a42c-2a2c9db4001b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b46e077944b0d53e361327e6d690f2ec
c9f17cad706817aa66832633d1307a91c8c7d61e
b00a16c34c95675a08bafb198f7cc4b374e88a9041a6bb8593a61cb08ef3c306
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7dbee83-176a-4fa9-a42c-2a2c9db4001b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10961
x-amzn-requestid: 04d69a4a-2357-4651-a490-4a054bd3fd4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duMunGOQoAMFbKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c190-53efc5ef1d7545a90e940d0d;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:33:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EOf46ZIBIMKzJvfpWMB7BdYMA6dXxRYhinIN-lD4cOvkiPfsS-e3qA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:01:21 GMT
etag: "c9f17cad706817aa66832633d1307a91c8c7d61e"
content-type: image/jpeg
age: 33407
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e38d94b0be1b10ecac941b497f57c861
12911cd039f5c7b05013ebbc369aec5613134906
38a41df0d4f4405e8ecf6b379431bdb87eaed40e20481262b43d1fd127c010fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff70fb5bc-19d9-433d-adc5-222fa8c0b134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9452
x-amzn-requestid: 41b87e86-25f2-4d3b-a4ac-ae9a933a75b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duMupEMdIAMF7Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c190-22b2693c043757fb5d58dda7;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:33:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: StP3cRZB5uQq5vj2oEZZmxAsLlu-nsnDNjQBdeb_o6Rd3YsP7p2Qlg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 22:06:41 GMT
etag: "12911cd039f5c7b05013ebbc369aec5613134906"
content-type: image/jpeg
age: 33087
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd9e22c8-a9cc-48fe-a821-b6c7e317e433.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd9e22c8-a9cc-48fe-a821-b6c7e317e433.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10713b0c2cec301fcd45db80ae0a10eb
78d9719593aa9e972921ae6555cf235286f50709
32d4474f99a79b9e05b31722af47fa45b6876ebbb042b57260a351d2a2601fb7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd9e22c8-a9cc-48fe-a821-b6c7e317e433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10195
x-amzn-requestid: 04589666-4416-4780-a959-9e3c6b140194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dq6efFnzIAMFebA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a77129-4415c578420b56920685c331;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 21:37:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MVctcXlP7S1s73lIC_uTJ3QwWyKk6BTDCAt-O9cHkF8oDCJNNZWEtg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 05:36:11 GMT
age: 6117
etag: "78d9719593aa9e972921ae6555cf235286f50709"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8acfbe14-6ef3-4805-a79f-989bf4baa86a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8acfbe14-6ef3-4805-a79f-989bf4baa86a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d6c3c9ebb71d01fc49a33aaa117d07e
c68e14965ed0d66ee60785fd261afd4651bb975d
16ae4f9cda16e06370067f92d1c3d5680714f32b0216453a4a584384222e927d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8acfbe14-6ef3-4805-a79f-989bf4baa86a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10560
x-amzn-requestid: 7ae51a69-57b8-462b-94dc-c98f3a81c518
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dsPBgH3jIAMFfkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7f86f-5b46b60218f5523b3b728145;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 07:14:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: n6AfARGNAuPeBrZmjJHf9dlKFmlTLXjU9-LKa8HUUzvjnYYYIaId8Q==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 07:17:42 GMT
age: 26
etag: "c68e14965ed0d66ee60785fd261afd4651bb975d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb12e2114-0241-4da7-bd1e-899e349748e5.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb12e2114-0241-4da7-bd1e-899e349748e5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d168ba736203efdefa90d8882fc40505
c661ff487be1f6c6d8fbe8fd671aa55159052b13
03154c7d275e14a4a2174e710e0a8be4ffee79070052f210e3496f0c0b5f37c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb12e2114-0241-4da7-bd1e-899e349748e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12097
x-amzn-requestid: aae402bd-c19f-4245-98e9-e89ca85c4d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duNcOHqcIAMFpYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8c2b4-0038899d5108109039e9d46a;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N54ZNk6rFLXw2TwRtNLAt4e1gBHqKMZ4uN0_fD5Fm7wtofseV-IgWQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 21:51:30 GMT
age: 33998
etag: "c661ff487be1f6c6d8fbe8fd671aa55159052b13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.0.13/css/all.css
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.0.13/css/all.css
IP
GET /releases/v5.0.13/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.weworkkuwait.com
Connection: keep-alive
Referer: https://www.weworkkuwait.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Dec 2022 07:18:07 GMT
content-type: text/css
x-amz-id-2: 4j/n0n2yv4bcbqR55erAgiAyA3tTDDn+FdV6mltMffk/2pVJAko8Y3faIGMfhp5lsGxxTgroCO8=
x-amz-request-id: RM113J0RF3KPC85J
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:27:31 GMT
etag: W/"d61bfe9b56c13ecff5313ee3abb45e8b"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zNVHXEB2UqFCkh9V3q%2F5zvn2AYjCqs%2F8Yo5293xhxfER0OzdcBe8pT9nvDNYlk%2FdAWwDmItR6q8cv0oyM8ptc1zq3uZPZyTtiDwkwLIj5Ckk4LvRa1Z5SzI9XhdDlB1%2BpOEkK6z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f80a667f7524f2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.weworkkuwait.com/assets/designer/resources/Scripts/helpers.min.js
200 OK 0 B URL HTTP/2 www.weworkkuwait.com/assets/designer/resources/Scripts/helpers.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Phishing
GET /assets/designer/resources/Scripts/helpers.min.js HTTP/1.1
Host: www.weworkkuwait.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weworkkuwait.com/uploaded_files/userfiles/files/free-coins-for-coin-master_GM406889139.pdf
Cookie: PHPSESSID=934bf78db232ce6ae0579e9d4be77d5c
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Mar 2019 17:48:04 GMT
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
content-type: application/javascript
date: Mon, 26 Dec 2022 07:18:07 GMT
server: Apache
X-Firefox-Spdy: h2
119.18.54.85
35.241.9.150
104.17.25.14
23.36.77.32
93.184.220.29
188.114.98.234