r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12568
Expires: Sat, 22 Oct 2022 20:42:49 GMT
Date: Sat, 22 Oct 2022 17:13:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12585
Expires: Sat, 22 Oct 2022 20:43:06 GMT
Date: Sat, 22 Oct 2022 17:13:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash acde3ae7c08565edff5f7b299fa05e78
6c8792bd32286e813e2375c5070527b861291f7b
fc9dbcddd62be276a69227de4c2d594582ee64e8625bac0a04e47a698b6d2dad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC9DBCDDD62BE276A69227DE4C2D594582EE64E8625BAC0A04E47A698B6D2DAD"
Last-Modified: Thu, 20 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9374
Expires: Sat, 22 Oct 2022 19:49:35 GMT
Date: Sat, 22 Oct 2022 17:13:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1fgomAnU0gjAxJ5WjJ+dXnrjz6RrLN8fDuEUNugs24yhpDmKUfYoLTncM8WtkyX67BeWuzBkF8I=
x-amz-request-id: BAEMFMH93BB0GYTY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 22 Oct 2022 16:37:38 GMT
age: 2143
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
18.244.155.19200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.244.155.19:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 22 Oct 2022 16:26:21 GMT
Expires: Sat, 22 Oct 2022 16:54:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 3f56d86af987a5808c3846bdd32ffcf2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: M2uT7mvGNbj66RjYbVdS0nlNFsbNQcSdzatv9J7v_kNpqxU8dijDtg==
Age: 2820
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 22 Oct 2022 17:13:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.244.155.19200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.244.155.19:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, ETag, Retry-After, Cache-Control, Alert, Expires, Pragma, Content-Type, Backoff, Last-Modified
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 22 Oct 2022 17:03:50 GMT
Expires: Sat, 22 Oct 2022 17:23:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 88e066f06ce21d9d589e0b7dba0cd180.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P8
X-Amz-Cf-Id: o6yjBSSD4nPaaOvjmBEtp2kqtNDR1Z0qmqL56W8GPWBLagPSFdSzJQ==
Age: 571
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6127
Cache-Control: max-age=146131
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:21 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:48:52 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +armEQ0eNkCBwZ82vGy92A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bKi15L0Hz7pv3T0TzQ7BZmIgpoc=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13332
Expires: Sat, 22 Oct 2022 20:55:35 GMT
Date: Sat, 22 Oct 2022 17:13:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13332
Expires: Sat, 22 Oct 2022 20:55:35 GMT
Date: Sat, 22 Oct 2022 17:13:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13332
Expires: Sat, 22 Oct 2022 20:55:35 GMT
Date: Sat, 22 Oct 2022 17:13:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26c47e4b0147f8dee3e71a53a8f2830c
381edb4758da428db5ffe884f8fb38bf11044f69
b507898359abbcb1f57821c147a58df66d7e81acc198afc997527b58cd835b39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff28bcb97-99c1-48e0-b7d7-8bfe823abaa7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11151
x-amzn-requestid: 5c32e307-f2a7-4050-a96f-a47667ec4752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-NEFTKoAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b9-2fc77f394ca297126abaed94;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JOZwwfasalOC-qk9FERBCqhR9jOp1svTRJxaA40zR6p6yta1_W1dVA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:06:07 GMT
age: 68836
etag: "381edb4758da428db5ffe884f8fb38bf11044f69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
34.120.237.76200 OK 2.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76fdbaaa2ef28349492bdf0e44fa1208
6769eeb6762a3dd7dacf6a054fedf043acb463df
8c8b2db96e764f97aa91bd800b2a6f7bf6c9d96a9dd67f919f27b53074e339e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bade1dd-24b1-4bae-9ace-a120c6729946.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2305
x-amzn-requestid: d44cceea-ab77-400f-a7a6-ed80b9873106
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aE95TG2YoAMFiiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b76a1-57ed4d9437044cc1665e535b;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 03:12:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eflm34vllgs18pHs0oGCIeDfBFnUu-ONYvvZAI6Iru52BCy2Ls0cIw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 07:45:22 GMT
age: 34081
etag: "6769eeb6762a3dd7dacf6a054fedf043acb463df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cdaacab30d73a7d05180cc16f4a96a3f
6cc0e39e0decbc20c765f171f63affd85fc9e6da
f015c3b1d838bd7d100ee104551bed2bb06a512b20ce3e5ac419d54b747fadd0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f5552d5-4394-409a-9a9c-43e4ebf38ee1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10720
x-amzn-requestid: 96267527-f482-4bfa-ba7a-12467408efe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-MvGutIAMFc8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b7-25f2624559b0fb7d62ced3a3;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4--AiSTKMMOm9HnJL_ervFnd5rkQ-WZfGM-FNkxXKO892SPw67cxXA==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:11:42 GMT
age: 68501
etag: "6cc0e39e0decbc20c765f171f63affd85fc9e6da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ee464d6a426da49571c97060e65a4e8
aef2208c82085b4dc8472ee28bc63b9a8832fe0e
704e9800cb12b9b2927e85901b21fbb22303f11bf4b052340d0fc610414e2a6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84809f37-0e01-4278-ba97-357c4a1b454e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5517
x-amzn-requestid: 560e0ccc-0551-461d-98fd-f94d9a026fb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-pSExDIAMFpMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353116e-0420e4ac6cceec1749a44819;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TDa1YZjZ70BYwTbiiaBV1J1WVtzXpAZ1j-wKfsviXvhbhnc8f0Huiw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:02:32 GMT
age: 69051
etag: "aef2208c82085b4dc8472ee28bc63b9a8832fe0e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a361cef05d531426819a2bffd8ab1e47
9c8050ffd0de58005705219ec70b6e4352e35b5e
0c3c48b96adb7c1dc8a8c3771878dcbab80bbbb9f2d6998038bf5d43831b578b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F428e118d-55db-4b2d-9dc1-0adbc5a4021a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8856
x-amzn-requestid: 84cc5c28-b71f-4ada-9d3b-e67e820cd080
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-LzHcsoAMFuNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635310b1-6b44e77726dc2003052ce387;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qZ8wiQp_Cnx6_fT-TrOCKmkrcpYHyhByOvYpgE9XWkA0VUGxjs6cSw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 22:06:06 GMT
age: 68837
etag: "9c8050ffd0de58005705219ec70b6e4352e35b5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nuancedigital.qa/omr/tearhacopimtcsi
119.18.49.15301 Moved Permanently 7.4 kB URL HTTP/2 nuancedigital.qa/omr/tearhacopimtcsi
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash b5a20ed6d9c28c2f4d899a60366be81d
ab4066bebc03e20378976d3664d4cf3209c7f93c
b9ba620e0e4865f96d01cae72a3e64c2a7f96ca4d35bc1e5c584860cafde9985
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /omr/tearhacopimtcsi HTTP/1.1
Host: nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sat, 22 Oct 2022 17:13:21 GMT
server: Apache
content-type: text/html; charset=UTF-8
pragma: no-cache
expires: Sat, 22 Oct 2022 18:13:22 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
content-encoding: gzip
vary: Accept-Encoding
location: https://www.nuancedigital.qa/omr/tearhacopimtcsi
x-server-cache: true
x-proxy-cache: MISS
set-cookie: PHPSESSID=b80fa5414df57dccb5673671f20d687d; path=/; secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 794a6d2df00fc15e8b4ed6ff4992525e
f8d67c7fd506709d7232298859fe2b3daf374f29
02d38690754b5d99178d576fe6df6c1ca881a2bbd806a75c633c371fac0221da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 94ee541bb392e5675c1e24c94c197f8b
bce18b05a24f5e2c6743cbbe849a733091586176
82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-158043906-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-158043906-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash be1b2684bd3978ca01bffb3abbd0c97a
2967cd63712aef812a6d4e69f74ad847ec8f552a
b5d27d4ff37ded91dd892c9de4fcda9f3dd1d6cce63c399fce59b302d6dd972e
GET /gtag/js?id=UA-158043906-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 22 Oct 2022 17:13:23 GMT
expires: Sat, 22 Oct 2022 17:13:23 GMT
cache-control: private, max-age=900
last-modified: Sat, 22 Oct 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43585
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 60fcf0b588f9927fde2759de6b3e3fed
f564b9ea498a878638fa3a374bf6fdfe468559ad
ae3eb07b4b347d54014f24971dafb4dccbc009c397caec6a78403e92e65f3cbc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 94ee541bb392e5675c1e24c94c197f8b
bce18b05a24f5e2c6743cbbe849a733091586176
82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nuancedigital.qa/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
119.18.49.15409 Conflict 83 B URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LeKfV4hAAAAAH9LosYloXkfiIrLxuan9GacUhUW&ver=3.0
142.250.74.164200 OK 584 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LeKfV4hAAAAAH9LosYloXkfiIrLxuan9GacUhUW&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 28db9631fb2245e660bc9e083234d8af
3eb05399b5df75294e60b2d425786ec7ce8d8130
2afd68cb2d9b697f091b9a69aa793b1263f349fd3857209171e8ffcb99d60cdc
GET /recaptcha/api.js?render=6LeKfV4hAAAAAH9LosYloXkfiIrLxuan9GacUhUW&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 22 Oct 2022 17:13:23 GMT
date: Sat, 22 Oct 2022 17:13:23 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/css/mainstyles.css?ver=3.14
119.18.49.15200 OK 1.1 kB URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/css/mainstyles.css?ver=3.14
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 8847b200fc704c7988394ea77782bde2
551fab44123fc5f7961a5a84588966c783ce87e3
85b39cbc5a36fade0471524bf993cd6bfbbb4e6ca6a0d7a78dae5646f2c50119
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/css/mainstyles.css?ver=3.14 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Oct 2022 11:13:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1128
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/css/owlcarousel.min.css?ver=1.0
119.18.49.15200 OK 1.1 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/css/owlcarousel.min.css?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 64f3cfc95d56f68bfd4484c19cc9e353
dd7804a382cc04681a8dd04ef2698c047d1b665c
e5881c2d80b9ca505518c643b2eccfbc3bc2973e275b541d74cd7fb382815919
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/css/owlcarousel.min.css?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1099
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/css/icofonts.css?ver=1.0
119.18.49.15200 OK 2.8 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/css/icofonts.css?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash ad600c029011eb73b9f831da130ecc2f
8fffc0b17e569eb9d3e36388575f21d22cc63955
ded108f92cd277eeb2a63b5f5b9da6b5e4f4b94979cfbe2c31fc7c3542f56c61
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/css/icofonts.css?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2759
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 1b0cd7fce51616614b5ebb265d02c2f7
6748d7df7c347bbe06afb2155fff3bbc8bf50eb0
d41beb047830bdacb772b75123c39906db8edcd49fdc8c9a00258a2556efd1c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nuancedigital.qa/wp-content/themes/geobin/assets/css/xs_main.css?ver=1.0
119.18.49.15200 OK 9.5 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/css/xs_main.css?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type assembler source, Unicode text, UTF-8 text, with very long lines (684), with CRLF line terminators
Hash 179bdd070659c26e9152096b0fcd2820
bc5b29b80d3e1ed29040bb0f72ad5631c146a858
7552604a734c43252a556ca54af70c499189ade0ca9d3b236224f368bb7aa14c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/css/xs_main.css?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 9506
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
119.18.49.15200 OK 11 kB URL HTTP/2 www.nuancedigital.qa/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (39791), with CRLF line terminators
Hash 2dd8a0297bf78fdbcff7f8eea01499e7
a658a36f395090c19e28a23d923aac41f6902ed8
4c37d1af1d16942416317e69e36ecc76f58d9613345438ad0b68750e992134e1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.5 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 25 Aug 2022 23:43:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 11102
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/css/bootstrap.min.css?ver=1.0
119.18.49.15200 OK 19 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/css/bootstrap.min.css?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65313), with CRLF line terminators
Hash 7ae6f6409229ffd0b8131ef18e24fa88
e5ea25c6167a22b2faad298cfe820c122508dc1c
ab8e9cda5fcbbc15b4def58e38a483f361fccd49fbcd6ec43795dd027202a21c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/css/bootstrap.min.css?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 19389
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/css/owltheme.css?ver=1.0
119.18.49.15200 OK 616 B URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/css/owltheme.css?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 233b2eaafce1b242f64f65e13d82a51e
65b86daacde29a575f024f908243ebc36e6cbd9f
50ea60ae45a8291bbe45914c6c18987cfcb6d3ce4d61ffaad11b2f631d8da279
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/css/owltheme.css?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 616
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
119.18.49.15200 OK 6.9 kB URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30837)
Hash 10bb8483b915813f543677f506467ff6
5b385098d3d633235f9a5c731985a43c9125df6d
970d86b37614a80420b44ba9fd03939bdab9bf323e543f2bcb0f55c4a3fae711
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 02 Oct 2022 23:48:25 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 6928
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/css/blog-style.css?ver=1.0
119.18.49.15200 OK 5.6 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/css/blog-style.css?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type assembler source, ASCII text, with CRLF line terminators
Hash 8f549493473cb739b946f94bf3da6e98
82b717e07877d0df51be117bbf18d3fb90aff958
44b165e2a7dc38577885ac1d0bf31613599d88114ca64ac5056cc2ee4a32da35
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/css/blog-style.css?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 5603
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
119.18.49.15409 Conflict 83 B URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
119.18.49.15409 Conflict 83 B URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/css/responsive.css?ver=1.0
119.18.49.15200 OK 2.4 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/css/responsive.css?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 42e16ad716ebe0106f6118603aa4da60
223b36639cdbd4eb4a6c4fb22b99399e5d9441de
22b20d8734353f22bf729f34f9e1d7bcb362c773fc3a2f2e36d164e0d280e9b8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/css/responsive.css?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2444
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
119.18.49.15409 Conflict 83 B URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.5.0
119.18.49.15200 OK 3.2 kB URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.5.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1972)
Hash 909ed6a40fac82b4b6fd867e99a67750
b0f48e763bdeffca6dfada9f1d63b5f99527d75e
7d4714244cf60b2319105dbe8edafc3fee53350469b7d1a20a1a7483e60a24a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.5.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 19:04:04 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 3220
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/uploads/2018/10/icon-3.png
119.18.49.15200 OK 797 B URL HTTP/2 www.nuancedigital.qa/wp-content/uploads/2018/10/icon-3.png
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 32 x 32, 8-bit gray+alpha, non-interlaced\012- data
Hash b6c780756cad2358567c8d8a3f168d22
72f37c6012a3f0fd6a11afa583dae5918019784c
24cb523547a02be0509e347ba103985674a69c05d59023993f5e2500bb64ac5d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2018/10/icon-3.png HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 00:21:00 GMT
accept-ranges: bytes
content-length: 797
cache-control: max-age=10368000, public
expires: Sun, 19 Feb 2023 17:13:24 GMT
vary: Accept-Encoding
content-type: image/png
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
119.18.49.15200 OK 4.2 kB URL HTTP/2 www.nuancedigital.qa/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126), with CRLF line terminators
Hash 7ae57a61a2e13e8cbd699c3ca7dc104c
28db5d970b82f96ebd180501a227cfc897db1c15
0454c42f651f80d5cf0beed15346df03f7c0c5214bc24f7be350926cf72dab1f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 25 Aug 2022 23:47:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4170
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/js/jquery.counterup.min.js?ver=1.0
119.18.49.15200 OK 578 B URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/js/jquery.counterup.min.js?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (917), with CRLF line terminators
Hash 306ea69c876201ec32a9562f18b9d673
96c0dfa4df03cd823476b46668ab47463c9169f3
2dadb57bba327dc006803a8ec08cf1d0e96f298b5cafaf2c3c9db12e3af96c4f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/js/jquery.counterup.min.js?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:54 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 578
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
119.18.49.15200 OK 2.4 kB URL HTTP/2 www.nuancedigital.qa/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6494), with no line terminators
Hash ac8e3264bbf056252840769d80367138
f39423d928ac13e06b2f70a1c568ff53c55db038
10d1fb39911c03d5ea6da7330e723a4cde477907297dba5ea01d0c9a837950a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 25 Aug 2022 23:47:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2419
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/js/main.js?ver=1.0
119.18.49.15200 OK 1.8 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/js/main.js?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 680edaa6fe8c547d6bf8144b98d8e8e8
6faee2d6b4ecf77bb8209b13694d5d37e8ffe303
87a401dac6a685cee42e32df084a8e18640592bb942e89cb424f057848e841d4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/js/main.js?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1815
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/css/style.css?ver=1.0
119.18.49.15200 OK 15 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/css/style.css?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (317), with CRLF line terminators
Hash 1752631c85b2df9682b765d1dae4e02f
10b59327bd881d367fdee1603ae8904aa5f37986
9f53921f95d3fcb716f1e1a950988d2eaf211fd9e1d1c3de0cebf65fbdf19512
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/css/style.css?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 15361
content-type: text/css; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10
119.18.49.15200 OK 2.6 kB URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6210), with no line terminators
Hash dfcc74301f163fabd32e3256b91ba54e
3e861de3c9a7d5638eb7da2274f50274cde6cc0c
0611e07de6e96239da5373ee60ec187406e535614413b431c823fa3c21ecf8d7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Sep 2022 11:45:12 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2559
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/uploads/2018/10/logo2.png
119.18.49.15200 OK 4.8 kB URL HTTP/2 www.nuancedigital.qa/wp-content/uploads/2018/10/logo2.png
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 168 x 92, 8-bit/color RGBA, non-interlaced\012- data
Hash df284b466c6d87eee8f72433fca40d50
30096648e9023b490a75f0b239443fc43c601cf3
3fdb8b3a2d6b832564cdb97421448a8f65db9e3be03d6bac5bf274e9619b2412
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2018/10/logo2.png HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 00:21:00 GMT
accept-ranges: bytes
content-length: 4798
cache-control: max-age=10368000, public
expires: Sun, 19 Feb 2023 17:13:24 GMT
vary: Accept-Encoding
content-type: image/png
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/uploads/2018/10/nuance-qatar_logo.png
119.18.49.15200 OK 7.5 kB URL HTTP/2 www.nuancedigital.qa/wp-content/uploads/2018/10/nuance-qatar_logo.png
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 168 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash ba262fa05931971a0ceb3a11a494213b
cb40c892e33c6cc38172ae66542b8d7e37388e91
88fe5b1baee8985545b765936581ebcdf1ac213dc4d898b7346bcad890356c7a
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2018/10/nuance-qatar_logo.png HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 00:20:42 GMT
accept-ranges: bytes
content-length: 7461
cache-control: max-age=10368000, public
expires: Sun, 19 Feb 2023 17:13:24 GMT
vary: Accept-Encoding
content-type: image/png
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
119.18.49.15200 OK 7.0 kB URL HTTP/2 www.nuancedigital.qa/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (19111), with CRLF line terminators
Hash 513d386f3ea04b4d90da8141fa23486d
8b6cca81735851650d01b191f077db828253b4f6
acf50f3a373d61fbf20db09e2ff78cbc44d3d93b1b4e27cf6afb4e6b964286e3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 25 Aug 2022 23:47:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 6995
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/js/popper.min.js?ver=1.0
119.18.49.15200 OK 6.9 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/js/popper.min.js?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (19063), with CRLF line terminators
Hash 83e880ec744b6310580a06ce6cd62911
1bf6ac4e9f8f9f72891844361491c690b6322a39
4b1a69e52d1c97532b1a5df36ccaed1c279e17b5130a7e431d2494e80eae36c3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/js/popper.min.js?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 6934
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/js/bootstrap.min.js?ver=1.0
119.18.49.15200 OK 13 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/js/bootstrap.min.js?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (48664), with CRLF line terminators
Hash 73f2203bd353fd59966ceebed2652736
94ac0edd49cb400696c0a4382a84cf90c3f2c359
ac6fae8fe4e03cd6f2e412e77a8f933e9265bf8e8bf66aa254b2baf89cd9fb50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/js/bootstrap.min.js?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 13053
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
119.18.49.15200 OK 31 kB URL HTTP/2 www.nuancedigital.qa/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65446), with CRLF line terminators
Hash 4273e0f3804379368199587af3d87eb6
8ae8a3c9ae43e44e71e858d8c48378f5b321264f
f9f127c9c85ab75b0125438cb9266fef325828162833841c4e0c8ba47dd06e30
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 25 Aug 2022 23:47:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 30835
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/js/waypoints.min.js?ver=1.0
119.18.49.15200 OK 2.8 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/js/waypoints.min.js?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (8863), with CRLF, CR line terminators
Hash 1ebf7b707b98230c03e4836a7509891b
85d65472bad2ec4c4a6312786a1de063aaf708bb
e10e4bd73626f4bdfa72da15e2f911d7b48dd7cc99b73dd7acd355a34de51375
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/js/waypoints.min.js?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:48 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2758
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/js/owl.carousel.min.js?ver=1.0
119.18.49.15200 OK 12 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/js/owl.carousel.min.js?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2290), with CRLF line terminators
Hash ac7e1ceda06035a69c9a41e3731495cd
06b417e59286f7a7c4327cc80cf6011836cbe597
c166b0cab723e401b86b68f5b2d156093a19f9d3ded93c25031ad54245b21f2e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/js/owl.carousel.min.js?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 11753
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/images/404.png
119.18.49.15200 OK 13 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/images/404.png
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 5ca787a3e8f3dcf9102736946d22414d
02c4bec7be7862712f4f3c602d69da39a7784eda
2c2b76caa8a99e0fe29c95d216514c6ba3117773d2a3f07b69e8dacd0e831c96
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/images/404.png HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:32 GMT
accept-ranges: bytes
content-length: 13040
cache-control: max-age=10368000, public
expires: Sun, 19 Feb 2023 17:13:24 GMT
vary: Accept-Encoding
content-type: image/png
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/js/app.js?ver=3.14
119.18.49.15200 OK 542 B URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/js/app.js?ver=3.14
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash ac75fba5a3e7fe8159455348490115f6
e2d651cf71958e0ea1eb2037f607ace432162c33
d360b83b3657441f3943e4536da5a6719ed5485565ebc1acac9981479a596298
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/click-to-chat-for-whatsapp/prev/assets/js/app.js?ver=3.14 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Oct 2022 11:13:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 542
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/js/jquery.magnific.popup.js?ver=1.0
119.18.49.15200 OK 12 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/js/jquery.magnific.popup.js?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash fbffb19d2a000fad9cdd98cbaa67862c
5f425721e4451fdf8d651c9a02c41237414d4924
8f8f3cce4e896a11485fbaa865e83069b05deafc363bd12212bb94d6f49c4f11
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/js/jquery.magnific.popup.js?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:52 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 12534
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/img/whatsapp-logo-32x32.png
119.18.49.15200 OK 1.1 kB URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/img/whatsapp-logo-32x32.png
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 247951a528f1c654c378b1cc02161528
e64a22682d119c5822b22202540bc515b6f7280d
e49970c0e24a6903f017792add41cc37f9a7b6b782c1bcca138351de51fffcf2
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/img/whatsapp-logo-32x32.png HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 14 Oct 2022 11:13:02 GMT
accept-ranges: bytes
content-length: 1148
cache-control: max-age=10368000, public
expires: Sun, 19 Feb 2023 17:13:24 GMT
vary: Accept-Encoding
content-type: image/png
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/themes/geobin/assets/js/easy-pie-chart.js?ver=1.0
119.18.49.15200 OK 3.2 kB URL HTTP/2 www.nuancedigital.qa/wp-content/themes/geobin/assets/js/easy-pie-chart.js?ver=1.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 310e1132d5a4c131de8498348a17b119
ca44877f372459cefa119458a311dacda36be5cb
18d108493cb0df4a97d6c250cd94cccbfb71721e40aa6c1b479d1c470291dd05
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/geobin/assets/js/easy-pie-chart.js?ver=1.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 01:23:56 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 22 Oct 2023 17:13:24 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 3151
content-type: application/javascript; charset=utf-8
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 52483dc9b33d08588ff49f09996c8f2a
8fd4cc8ec5fd5d22733a76cda1d7b127ec89c8b5
3570bec74d0831dc57471ddfead4e6e075a814d8781ee8178377e906819baecc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6226
Cache-Control: max-age=168941
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:24 GMT
Etag: "6353fd4f-116"
Expires: Mon, 24 Oct 2022 16:09:05 GMT
Last-Modified: Sat, 22 Oct 2022 14:25:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 52483dc9b33d08588ff49f09996c8f2a
8fd4cc8ec5fd5d22733a76cda1d7b127ec89c8b5
3570bec74d0831dc57471ddfead4e6e075a814d8781ee8178377e906819baecc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6226
Cache-Control: max-age=168941
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:24 GMT
Etag: "6353fd4f-116"
Expires: Mon, 24 Oct 2022 16:09:05 GMT
Last-Modified: Sat, 22 Oct 2022 14:25:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
fonts.googleapis.com/css?family=Nunito%3A%2C800%7CAsap%3Aitalic%2C500italic
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Nunito%3A%2C800%7CAsap%3Aitalic%2C500italic
IP 142.250.74.10:0
Hash d6fe0b366c505defa018264d410565b0
0b5f45fc1fe12fce359ec2ec09a26ffe6b93fb49
00c733c88620407a8af0767ed9671bd4b2ec1c760c9bc94c26053c57b88d47bb
GET /css?family=Nunito%3A%2C800%7CAsap%3Aitalic%2C500italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 22 Oct 2022 17:13:23 GMT
date: Sat, 22 Oct 2022 17:13:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.195200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nuancedigital.qa
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 21:11:05 GMT
expires: Tue, 17 Oct 2023 21:11:05 GMT
cache-control: public, max-age=31536000
age: 417739
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
119.18.49.15409 Conflict 83 B URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nuancedigital.qa/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
119.18.49.15200 OK 77 kB URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.nuancedigital.qa/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 02 Oct 2022 23:48:25 GMT
accept-ranges: bytes
content-length: 77160
cache-control: max-age=10368000
expires: Sun, 19 Feb 2023 17:13:24 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Sat, 22 Oct 2022 17:13:24 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/uploads/2019/06/nuuance-digital-marketing-company.png
119.18.49.15200 OK 11 kB URL HTTP/2 www.nuancedigital.qa/wp-content/uploads/2019/06/nuuance-digital-marketing-company.png
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 285 x 148, 8-bit/color RGBA, non-interlaced\012- data
Hash fb975fa0e13d263e432bd691e448c89f
75711689a5c809e9d6b93d53a77ad0c21956e841
831500b1d621434488dbbdf408a6228013ded1dda44450e28c23127b046b13bf
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2019/06/nuuance-digital-marketing-company.png HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 00:22:00 GMT
accept-ranges: bytes
content-length: 10914
cache-control: max-age=10368000, public
expires: Sun, 19 Feb 2023 17:13:25 GMT
vary: Accept-Encoding
content-type: image/png
date: Sat, 22 Oct 2022 17:13:25 GMT
server: Apache
X-Firefox-Spdy: h2
sc-static.net/scevent.min.js
216.137.34.250200 OK 8.8 kB URL HTTP/2 sc-static.net/scevent.min.js
IP 216.137.34.250:0
File type ASCII text, with very long lines (25360), with no line terminators
Hash 0a9ae6ce08907430d098cb7f33229ab0
586a3658e84ce11be82933f221ebe9f378693e2d
23c6390459e8694d6ff20ce93b103d354cbf07faa480160b56422ad987bd5e6a
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 8762
server: CloudFront
date: Sat, 22 Oct 2022 17:13:24 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=7597367353fc42ec80eed3655529ff0f;max-age=86400;expires=Sun, 23 Oct 2022 15:14:03 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 5f684ddc3ff7bc889dac29fa9e51915a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
x-amz-cf-id: R_vQJqZalRLOTs1eTKGqw5OKs_1df6DSovjku2nFHqdM5BGWTFUJBg==
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
119.18.49.15409 Conflict 83 B URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 22 Oct 2022 17:13:25 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
119.18.49.15409 Conflict 83 B URL HTTP/2 www.nuancedigital.qa/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586; _ga_T9KTBME5X6=GS1.1.1666458819.1.0.1666458819.0.0.0; _ga=GA1.1.423684138.1666458819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 22 Oct 2022 17:13:25 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 19 Oct 2022 18:56:33 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=67023
date: Sat, 22 Oct 2022 17:13:24 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 22 Oct 2022 16:41:09 GMT
expires: Sat, 22 Oct 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 1935
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr-rc.lfeeder.com/?sid=3P1w24doxJG7mY5n&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJVQS0xNTgwNDM5MDYtMSIsIkctVDlLVEJNRTVYNiJdLCJnYUNsaWVudElkcyI6WyI0MjM2ODQxMzguMTY2NjQ1ODgxOSJdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjU2LjMifSwicGFnZVVybCI6Imh0dHBzOi8vd3d3Lm51YW5jZWRpZ2l0YWwucWEvb21yL3RlYXJoYWNvcGltdGNzaSIsInBhZ2VUaXRsZSI6IlBhZ2Ugbm90IGZvdW5kIC0gTnVhbmNlIERpZ2l0YWwgTWFya2V0aW5nIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI4YTE0YmUxNzE1ODVjMjE5Iiwic2NyaXB0SWQiOiIzUDF3MjRkb3hKRzdtWTVuIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5mNjdjMzk1YTA5MGJhNmJmLjE2NjY0NTg4MTk0OTUiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
52.84.93.97200 OK 43 B URL HTTP/2 tr-rc.lfeeder.com/?sid=3P1w24doxJG7mY5n&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJVQS0xNTgwNDM5MDYtMSIsIkctVDlLVEJNRTVYNiJdLCJnYUNsaWVudElkcyI6WyI0MjM2ODQxMzguMTY2NjQ1ODgxOSJdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjU2LjMifSwicGFnZVVybCI6Imh0dHBzOi8vd3d3Lm51YW5jZWRpZ2l0YWwucWEvb21yL3RlYXJoYWNvcGltdGNzaSIsInBhZ2VUaXRsZSI6IlBhZ2Ugbm90IGZvdW5kIC0gTnVhbmNlIERpZ2l0YWwgTWFya2V0aW5nIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI4YTE0YmUxNzE1ODVjMjE5Iiwic2NyaXB0SWQiOiIzUDF3MjRkb3hKRzdtWTVuIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5mNjdjMzk1YTA5MGJhNmJmLjE2NjY0NTg4MTk0OTUiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
IP 52.84.93.97:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /?sid=3P1w24doxJG7mY5n&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJVQS0xNTgwNDM5MDYtMSIsIkctVDlLVEJNRTVYNiJdLCJnYUNsaWVudElkcyI6WyI0MjM2ODQxMzguMTY2NjQ1ODgxOSJdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjU2LjMifSwicGFnZVVybCI6Imh0dHBzOi8vd3d3Lm51YW5jZWRpZ2l0YWwucWEvb21yL3RlYXJoYWNvcGltdGNzaSIsInBhZ2VUaXRsZSI6IlBhZ2Ugbm90IGZvdW5kIC0gTnVhbmNlIERpZ2l0YWwgTWFya2V0aW5nIiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiI4YTE0YmUxNzE1ODVjMjE5Iiwic2NyaXB0SWQiOiIzUDF3MjRkb3hKRzdtWTVuIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5mNjdjMzk1YTA5MGJhNmJmLjE2NjY0NTg4MTk0OTUiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ== HTTP/1.1
Host: tr-rc.lfeeder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
server: CloudFront
date: Sat, 22 Oct 2022 17:13:24 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 8cedfb7a16a346fb0119eb355ecdaf4c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C4
x-amz-cf-id: N3v6BOZm0J-PHBZT97ixb9LOaV_jjkDxb2sAkA7BmgRS6xPdy8mEGw==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 78eb615608702c0b13883ec9a639897a
b5370eef8ce454c3cdd4c82c02e06e2c071065e5
9d400e867c4a74f3f173b5b919eab8f4b2d32f7651ce484d12df063d03825c69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5267
Cache-Control: max-age=117201
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:24 GMT
Etag: "635336f2-1d7"
Expires: Mon, 24 Oct 2022 01:46:45 GMT
Last-Modified: Sat, 22 Oct 2022 00:18:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.174200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 17:02:26 GMT
expires: Sat, 22 Oct 2022 18:02:26 GMT
cache-control: public, max-age=3600
age: 659
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
142.250.74.163200 OK 402 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (608)
Size 402 kB (401632 bytes)
Hash af538c6d81d575aac0416963bea7b208
22a080678c77639132902a5ef3ead0b4d06b3120
396c964c85a9b2e9a380bb18b1f6d51960f2bc7f7d4fd2bcf4754fc0ac443cd0
GET /recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nuancedigital.qa
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 401632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 09:35:32 GMT
expires: Sun, 22 Oct 2023 09:35:32 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 02 Oct 2022 20:02:07 GMT
content-type: text/javascript
age: 27472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=288381564&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&dp=%2F404.html%3Fpage%3D%2Fomr%2Ftearhacopimtcsi%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Nuance%20Digital%20Marketing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aCDAAUIhAAAAACAAI~&jid=970828779&gjid=1327362410&cid=423684138.1666458819&tid=UA-158043906-1&_gid=1434092970.1666458820&_r=1>m=2ouaj0&did=dZGIzZG&gdid=dZGIzZG&z=1357137656
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=288381564&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&dp=%2F404.html%3Fpage%3D%2Fomr%2Ftearhacopimtcsi%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Nuance%20Digital%20Marketing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aCDAAUIhAAAAACAAI~&jid=970828779&gjid=1327362410&cid=423684138.1666458819&tid=UA-158043906-1&_gid=1434092970.1666458820&_r=1>m=2ouaj0&did=dZGIzZG&gdid=dZGIzZG&z=1357137656
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=288381564&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&dp=%2F404.html%3Fpage%3D%2Fomr%2Ftearhacopimtcsi%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Nuance%20Digital%20Marketing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=aCDAAUIhAAAAACAAI~&jid=970828779&gjid=1327362410&cid=423684138.1666458819&tid=UA-158043906-1&_gid=1434092970.1666458820&_r=1>m=2ouaj0&did=dZGIzZG&gdid=dZGIzZG&z=1357137656 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.nuancedigital.qa
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.nuancedigital.qa
date: Sat, 22 Oct 2022 17:13:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash 71875f848896ee82a106224e048bd060
277a624e507dff2cd9cff104aa0c5618ca76e105
a22635e404a419027fc88eee705d254910d05d481953733d5e1fda4bc6ab3c5b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: d2wiTHcmXKCp61NidkFAenMovZmbhcN+8tdaxW6FA+hNWn5Wu4+69nVOfsJfDlEfuklWII8CVkXZnEewV93eYQ==
content-length: 27027
x-fb-trip-id: 1679558926
date: Sat, 22 Oct 2022 17:13:25 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 78eb615608702c0b13883ec9a639897a
b5370eef8ce454c3cdd4c82c02e06e2c071065e5
9d400e867c4a74f3f173b5b919eab8f4b2d32f7651ce484d12df063d03825c69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5268
Cache-Control: max-age=117201
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:25 GMT
Etag: "635336f2-1d7"
Expires: Mon, 24 Oct 2022 01:46:46 GMT
Last-Modified: Sat, 22 Oct 2022 00:18:58 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.nuancedigital.qa/wp-content/uploads/2020/03/cropped-Nuance_favicon_big-192x192.png
119.18.49.15200 OK 7.5 kB URL HTTP/2 www.nuancedigital.qa/wp-content/uploads/2020/03/cropped-Nuance_favicon_big-192x192.png
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d58413c30c18a6132091fcef0653c93
ce889f9569afd89969ad416959a85bd7bdf8f39c
72be2f81c30aa33455d90fbe2f5762fd18ad954b87df5791d8c760818a163208
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2020/03/cropped-Nuance_favicon_big-192x192.png HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586; _ga_T9KTBME5X6=GS1.1.1666458819.1.0.1666458819.0.0.0; _ga=GA1.1.423684138.1666458819; _lfa=LF1.1.f67c395a090ba6bf.1666458819495
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 00:24:12 GMT
accept-ranges: bytes
content-length: 7454
cache-control: max-age=10368000, public
expires: Sun, 19 Feb 2023 17:13:25 GMT
vary: Accept-Encoding
content-type: image/png
date: Sat, 22 Oct 2022 17:13:25 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/wp-content/uploads/2020/03/cropped-Nuance_favicon_big-32x32.png
119.18.49.15200 OK 1.0 kB URL HTTP/2 www.nuancedigital.qa/wp-content/uploads/2020/03/cropped-Nuance_favicon_big-32x32.png
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 13397150054821b8f673ab5a88ae6adc
1da792cc857d0c1b92c7b511ae062e37f88ddff8
762e225daf1ddb226142f616d94363b97e26a7b070ae2abcad563e0dcb0eb652
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2020/03/cropped-Nuance_favicon_big-32x32.png HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/omr/tearhacopimtcsi
Cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586; _ga_T9KTBME5X6=GS1.1.1666458819.1.0.1666458819.0.0.0; _ga=GA1.1.423684138.1666458819; _lfa=LF1.1.f67c395a090ba6bf.1666458819495
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 00:24:12 GMT
accept-ranges: bytes
content-length: 1016
cache-control: max-age=10368000, public
expires: Sun, 19 Feb 2023 17:13:25 GMT
vary: Accept-Encoding
content-type: image/png
date: Sat, 22 Oct 2022 17:13:25 GMT
server: Apache
X-Firefox-Spdy: h2
www.nuancedigital.qa/omr/tearhacopimtcsi
119.18.49.15404 Not Found 14 kB URL HTTP/2 www.nuancedigital.qa/omr/tearhacopimtcsi
IP 119.18.49.15:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, CR, LF line terminators
Hash a0c8b7be43457e9d157eb4e911d8431b
5c533bb1fb68b7b8041e9ec5046001f4a320e79e
ccc80390e618e2b44e5cebcba5cea23b9fba6572ccd633a8acb84b867d341334
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /omr/tearhacopimtcsi HTTP/1.1
Host: www.nuancedigital.qa
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
date: Sat, 22 Oct 2022 17:13:22 GMT
server: Apache
content-type: text/html; charset=UTF-8
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.nuancedigital.qa/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
vary: Accept-Encoding
set-cookie: PHPSESSID=f9ded2567093d450b21ea7262c373586; path=/; secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 06210a4a9db522652fd6aabfa05b2653
630b4ef71ec82a3970927a328d279035eaaa1267
5100e1703020fdef7d473c91e1c88dfb734083057f431feeefaaa24838990a21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-123143350-1&cid=423684138.1666458819&jid=436890845&gjid=1060777765&_gid=1434092970.1666458820&_u=aCDAAUIhAAAAACAAI~&z=847801995
173.194.222.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-123143350-1&cid=423684138.1666458819&jid=436890845&gjid=1060777765&_gid=1434092970.1666458820&_u=aCDAAUIhAAAAACAAI~&z=847801995
IP 173.194.222.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-123143350-1&cid=423684138.1666458819&jid=436890845&gjid=1060777765&_gid=1434092970.1666458820&_u=aCDAAUIhAAAAACAAI~&z=847801995 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.nuancedigital.qa
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.nuancedigital.qa
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Oct 2022 17:13:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-T9KTBME5X6>m=2oeaj0&_p=288381564&cid=423684138.1666458819&ul=en-us&sr=1280x1024&_s=1&sid=1666458819&sct=1&seg=0&dl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&dt=Page%20not%20found%20-%20Nuance%20Digital%20Marketing&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-T9KTBME5X6>m=2oeaj0&_p=288381564&cid=423684138.1666458819&ul=en-us&sr=1280x1024&_s=1&sid=1666458819&sct=1&seg=0&dl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&dt=Page%20not%20found%20-%20Nuance%20Digital%20Marketing&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-T9KTBME5X6>m=2oeaj0&_p=288381564&cid=423684138.1666458819&ul=en-us&sr=1280x1024&_s=1&sid=1666458819&sct=1&seg=0&dl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&dt=Page%20not%20found%20-%20Nuance%20Digital%20Marketing&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nuancedigital.qa
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.nuancedigital.qa
date: Sat, 22 Oct 2022 17:13:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 06210a4a9db522652fd6aabfa05b2653
630b4ef71ec82a3970927a328d279035eaaa1267
5100e1703020fdef7d473c91e1c88dfb734083057f431feeefaaa24838990a21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3568084%26time%3D1666458819674%26url%3Dhttps%253A%252F%252Fwww.nuancedigital.qa%252Fomr%252Ftearhacopimtcsi%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3568084%26time%3D1666458819674%26url%3Dhttps%253A%252F%252Fwww.nuancedigital.qa%252Fomr%252Ftearhacopimtcsi%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3568084%26time%3D1666458819674%26url%3Dhttps%253A%252F%252Fwww.nuancedigital.qa%252Fomr%252Ftearhacopimtcsi%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nuancedigital.qa/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3568084&time=1666458819674&url=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&357c9003-ebbc-4bac-8909-f5edce26490e"; Domain=.linkedin.com; Expires=Sun, 22-Oct-2023 17:13:25 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202210221713252ba1b109-3239-43c2-891f-bf487fe34e0aAQE7oVj_vzkQagfHYujdzJ8Fuh83rRu7"; Domain=.www.linkedin.com; Expires=Sun, 22-Oct-2023 17:13:25 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjY0NTg4MDU7MjswMjEvoiZ6OUdST3TBMfBeGkWDVxQJOAfoxOzBauMLO13F7g==; Domain=.linkedin.com; Expires=Thu, 20 Apr 2023 17:13:25 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2414:u=1:x=1:i=1666458805:t=1666545205:v=2:sig=AQG7MPYtCqWklKMZ84XcqxwFvKq9VMxN"; Expires=Sun, 23 Oct 2022 17:13:25 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com *.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXroq0fhOovjQAUP4wofA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 75647DB3F59042E4A767EF0A14ABA583 Ref B: OSL30EDGE0119 Ref C: 2022-10-22T17:13:25Z
date: Sat, 22 Oct 2022 17:13:24 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d8ad2cc67fe4edf14ed9497ee349419b
b11f1d3df0e57e5967f39f8dfeb97af5138edd5f
b459e908234aaa71dd46eafb74920476176f9f8136fc2df0cdd7eecb744d35c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=2103017053330282&ev=PageView&dl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&rl=&if=false&ts=1666458820023&sw=1280&sh=1024&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666458820022.1318986151&it=1666458819817&coo=false&rqm=GET
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2103017053330282&ev=PageView&dl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&rl=&if=false&ts=1666458820023&sw=1280&sh=1024&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666458820022.1318986151&it=1666458819817&coo=false&rqm=GET
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2103017053330282&ev=PageView&dl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&rl=&if=false&ts=1666458820023&sw=1280&sh=1024&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666458820022.1318986151&it=1666458819817&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 22 Oct 2022 17:13:25 GMT
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-123143350-1&cid=423684138.1666458819&jid=436890845&_u=aCDAAUIhAAAAACAAI~&z=106742738
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-123143350-1&cid=423684138.1666458819&jid=436890845&_u=aCDAAUIhAAAAACAAI~&z=106742738
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-123143350-1&cid=423684138.1666458819&jid=436890845&_u=aCDAAUIhAAAAACAAI~&z=106742738 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 22 Oct 2022 17:13:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 32b18cf6617f4e930872c1470af05703
4c07ce8749baf89e9812de6bb45deb0a3fc5013e
23481ba8ebf19debe4a6119d605ad31c0589a08bbc253a6428938ac9a84d5b22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 12:31:58 GMT
expires: Sun, 22 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 16887
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 00:48:31 GMT
expires: Sat, 21 Oct 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 145494
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3568084&time=1666458819674&url=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3568084&time=1666458819674&url=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3568084&time=1666458819674&url=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nuancedigital.qa/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&f8d39d5a-b564-45db-8eea-1e3a1636dac5"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 22-Oct-2023 17:13:25 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2405:u=1:x=1:i=1666458805:t=1666545205:v=2:sig=AQEWu46JMygdcgo7h47PMS1xlXjvo47a"; Expires=Sun, 23 Oct 2022 17:13:25 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXroq0h+pXsz15FNlz1dg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9600A1205D274C2283125AEB5A0A7091 Ref B: OSL30EDGE0119 Ref C: 2022-10-22T17:13:25Z
date: Sat, 22 Oct 2022 17:13:24 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d503a9d4e54b6e754bb84d1c74603e6a
d05d7867015577e279fad27a0be63b43cf8a02bb
7390cc764693e069df48c456b57dada93e275ad4efed074a5f1b52a64c71b5cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2950
Cache-Control: max-age=134687
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:25 GMT
Etag: "6353844e-1d7"
Expires: Mon, 24 Oct 2022 06:38:12 GMT
Last-Modified: Sat, 22 Oct 2022 05:49:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d503a9d4e54b6e754bb84d1c74603e6a
d05d7867015577e279fad27a0be63b43cf8a02bb
7390cc764693e069df48c456b57dada93e275ad4efed074a5f1b52a64c71b5cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2950
Cache-Control: max-age=134687
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:25 GMT
Etag: "6353844e-1d7"
Expires: Mon, 24 Oct 2022 06:38:12 GMT
Last-Modified: Sat, 22 Oct 2022 05:49:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
tr.snapchat.com/cm/i?pid=918e4a5c-bb5d-41eb-bce7-11161edd6a82&u_scsid=44a080db-f9e0-4747-afc4-6f5d59ea16a4&u_sclid=ff1c97d8-48c7-4537-ab3a-cc60ce75bea7
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/cm/i?pid=918e4a5c-bb5d-41eb-bce7-11161edd6a82&u_scsid=44a080db-f9e0-4747-afc4-6f5d59ea16a4&u_sclid=ff1c97d8-48c7-4537-ab3a-cc60ce75bea7
IP 35.190.43.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=918e4a5c-bb5d-41eb-bce7-11161edd6a82&u_scsid=44a080db-f9e0-4747-afc4-6f5d59ea16a4&u_sclid=ff1c97d8-48c7-4537-ab3a-cc60ce75bea7 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 17:13:25 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/p?trackId=fb7b5c45-3211-4aad-8fd9-4b44d9a2c063&pid=918e4a5c-bb5d-41eb-bce7-11161edd6a82&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&ts=1666458820297&rf=&v=1.6.0&if=false&bt=e420c9ef&intg=gtm&m_sl=3874&m_rd=4786&m_pi=4031&m_dcl=4035&m_fcps=3599&m_pl=4777&m_ic=0&m_pv=v2&u_hem=FFFeb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&u_c1=62b3544c-4093-4f60-a977-b415fcb08ff9&u_scsid=44a080db-f9e0-4747-afc4-6f5d59ea16a4&u_sclid=ff1c97d8-48c7-4537-ab3a-cc60ce75bea7&s_r_ids=0
35.190.43.134200 OK 68 B URL HTTP/2 tr.snapchat.com/p?trackId=fb7b5c45-3211-4aad-8fd9-4b44d9a2c063&pid=918e4a5c-bb5d-41eb-bce7-11161edd6a82&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&ts=1666458820297&rf=&v=1.6.0&if=false&bt=e420c9ef&intg=gtm&m_sl=3874&m_rd=4786&m_pi=4031&m_dcl=4035&m_fcps=3599&m_pl=4777&m_ic=0&m_pv=v2&u_hem=FFFeb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&u_c1=62b3544c-4093-4f60-a977-b415fcb08ff9&u_scsid=44a080db-f9e0-4747-afc4-6f5d59ea16a4&u_sclid=ff1c97d8-48c7-4537-ab3a-cc60ce75bea7&s_r_ids=0
IP 35.190.43.134:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?trackId=fb7b5c45-3211-4aad-8fd9-4b44d9a2c063&pid=918e4a5c-bb5d-41eb-bce7-11161edd6a82&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.nuancedigital.qa%2Fomr%2Ftearhacopimtcsi&ts=1666458820297&rf=&v=1.6.0&if=false&bt=e420c9ef&intg=gtm&m_sl=3874&m_rd=4786&m_pi=4031&m_dcl=4035&m_fcps=3599&m_pl=4777&m_ic=0&m_pv=v2&u_hem=FFFeb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&u_c1=62b3544c-4093-4f60-a977-b415fcb08ff9&u_scsid=44a080db-f9e0-4747-afc4-6f5d59ea16a4&u_sclid=ff1c97d8-48c7-4537-ab3a-cc60ce75bea7&s_r_ids=0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 17:13:25 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgRHAIAgDwIm4oxoiHQdtnILh+x9HX2q9xsIwMLeVcG0OzO1HqhXdD0lEpkf7D0sDoWAyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d503a9d4e54b6e754bb84d1c74603e6a
d05d7867015577e279fad27a0be63b43cf8a02bb
7390cc764693e069df48c456b57dada93e275ad4efed074a5f1b52a64c71b5cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2950
Cache-Control: max-age=134687
Content-Type: application/ocsp-response
Date: Sat, 22 Oct 2022 17:13:25 GMT
Etag: "6353844e-1d7"
Expires: Mon, 24 Oct 2022 06:38:12 GMT
Last-Modified: Sat, 22 Oct 2022 05:49:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.85.229200 OK 73 kB URL HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.85.229:0
Hash ff0d444a4d154885e969b8172e5c518d
2b2e775afb3659c240bbccc92f2b5c6404b90c05
13a07dc014c4077fe4f034ce15e9a531e728c9d30e366ec80bdddce12765da90
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 22 Oct 2022 17:13:26 GMT
age: 18605163
x-served-by: cache-fra19156-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 5e9f7be838623a50b8c5e40903f55797
f290c2924769fc2970070a1ddcb39c681d841e9a
25deeb7d90b207a8085195e1f2ab1346fff2a9f72964b8ae321fad6a679b54b1
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 22 Oct 2022 17:13:26 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "57C8D5428139407575B2AEF7E98F3FC4E3EB8938"
Expires: Sun, 23 Oct 2022 04:00:00 GMT
Last-Modified: Sat, 22 Oct 2022 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2401
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75e3dd13df1db524-OSL
vsa32.tawk.to/s/?k=635424b6c7e2e37b67e8c9de&cver=0&pop=false&asver=78&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YzQ2Y2M0YTUxNDEwNTY4YTEwN2JiYWQiLCJ2aWQiOiI1NDU0YzFjYTFlMjY0MGJiZmMwYjBmYzBmNjE5ZjEzNGYxNTUxYjM3MTk2N2U0MGNjMTFhMjMxOTQ1ZjRkMTEyIiwic2lkIjoiNjM1NDI0YjZjN2UyZTM3YjY3ZThjOWRlIiwiaWF0IjoxNjY2NDU4ODA2LCJleHAiOjE2NjY0NjA2MDYsImp0aSI6ImZUc1g0eFQtWElpYmx4aXRLRTZ6cSJ9.fEoYf69eX-HzASNoo2Oob_-UzNzARyy3wP0I3SclrYuhiax5mec1a3T5X8vvLHwt31RL3wjd--zh-j7BydxSzQ&EIO=3&transport=websocket&__t=OG0hw43
104.22.25.131101 Switching Protocols 4.0 kB URL HTTP/1.1 vsa32.tawk.to/s/?k=635424b6c7e2e37b67e8c9de&cver=0&pop=false&asver=78&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YzQ2Y2M0YTUxNDEwNTY4YTEwN2JiYWQiLCJ2aWQiOiI1NDU0YzFjYTFlMjY0MGJiZmMwYjBmYzBmNjE5ZjEzNGYxNTUxYjM3MTk2N2U0MGNjMTFhMjMxOTQ1ZjRkMTEyIiwic2lkIjoiNjM1NDI0YjZjN2UyZTM3YjY3ZThjOWRlIiwiaWF0IjoxNjY2NDU4ODA2LCJleHAiOjE2NjY0NjA2MDYsImp0aSI6ImZUc1g0eFQtWElpYmx4aXRLRTZ6cSJ9.fEoYf69eX-HzASNoo2Oob_-UzNzARyy3wP0I3SclrYuhiax5mec1a3T5X8vvLHwt31RL3wjd--zh-j7BydxSzQ&EIO=3&transport=websocket&__t=OG0hw43
IP 104.22.25.131:0
Hash ae843ee95e549e867dba1e4e8ce7e48a
37e047654e98906a0b37248bd7af0f872a79bcbb
24feb6fbb27021440168727c7a4e132779fea10b871af475403c921e1f6f6678
GET /s/?k=635424b6c7e2e37b67e8c9de&cver=0&pop=false&asver=78&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YzQ2Y2M0YTUxNDEwNTY4YTEwN2JiYWQiLCJ2aWQiOiI1NDU0YzFjYTFlMjY0MGJiZmMwYjBmYzBmNjE5ZjEzNGYxNTUxYjM3MTk2N2U0MGNjMTFhMjMxOTQ1ZjRkMTEyIiwic2lkIjoiNjM1NDI0YjZjN2UyZTM3YjY3ZThjOWRlIiwiaWF0IjoxNjY2NDU4ODA2LCJleHAiOjE2NjY0NjA2MDYsImp0aSI6ImZUc1g0eFQtWElpYmx4aXRLRTZ6cSJ9.fEoYf69eX-HzASNoo2Oob_-UzNzARyy3wP0I3SclrYuhiax5mec1a3T5X8vvLHwt31RL3wjd--zh-j7BydxSzQ&EIO=3&transport=websocket&__t=OG0hw43 HTTP/1.1
Host: vsa32.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.nuancedigital.qa
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jD/ypTXTlQHDwt98d4dXUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sat, 22 Oct 2022 17:13:26 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: aXoqqj3zrXtBQ1iNjVnE8ftNiTU=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 75e3dd12d9b2b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
104.22.24.131200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
IP 104.22.24.131:0
GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nuancedigital.qa
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 17:13:25 GMT
content-type: application/javascript
age: 12136
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75e3dd0eee44b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/5c46cc4a51410568a107bbad/default
104.22.24.131200 OK 0 B URL HTTP/2 embed.tawk.to/5c46cc4a51410568a107bbad/default
IP 104.22.24.131:0
GET /5c46cc4a51410568a107bbad/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nuancedigital.qa
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 17:13:24 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63258f417d7"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 43
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75e3dd070c17b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sc.lfeeder.com/lftracker_v1_3P1w24doxJG7mY5n.js
18.244.140.105200 OK 0 B URL HTTP/2 sc.lfeeder.com/lftracker_v1_3P1w24doxJG7mY5n.js
IP 18.244.140.105:0
GET /lftracker_v1_3P1w24doxJG7mY5n.js HTTP/1.1
Host: sc.lfeeder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 22 Oct 2022 17:12:42 GMT
cache-control: max-age=3600
last-modified: Thu, 20 Oct 2022 09:30:09 GMT
x-amz-version-id: YsvQ0qHKJpKEjGNsgycrih3nbhKeNkQS
etag: W/"79b2827c833b46d9416f2c98b87808cd"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 36ebde0b08ea3144d51a5c4ebe210c20.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P7
x-amz-cf-id: moB4L19XpX_akqN24BHP-qKfJMYXBX-fKiNRJuYCm556Inpg0EVjuQ==
age: 43
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
104.22.24.131200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
IP 104.22.24.131:0
GET /_s/v4/app/63258f417d7/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.nuancedigital.qa
Connection: keep-alive
Referer: https://www.nuancedigital.qa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 22 Oct 2022 17:13:25 GMT
content-type: application/javascript
age: 12136
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 75e3dd0eee41b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tr.snapchat.com/collector/is_enabled?pids=918e4a5c-bb5d-41eb-bce7-11161edd6a82&tld=qa
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/collector/is_enabled?pids=918e4a5c-bb5d-41eb-bce7-11161edd6a82&tld=qa
IP 35.190.43.134:0
GET /collector/is_enabled?pids=918e4a5c-bb5d-41eb-bce7-11161edd6a82&tld=qa HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nuancedigital.qa/
Origin: https://www.nuancedigital.qa
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 17:13:25 GMT
access-control-allow-origin: https://www.nuancedigital.qa
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 1
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.snapchat.com/init?pids=918e4a5c-bb5d-41eb-bce7-11161edd6a82
35.190.43.134200 OK 0 B URL HTTP/2 tr.snapchat.com/init?pids=918e4a5c-bb5d-41eb-bce7-11161edd6a82
IP 35.190.43.134:0
GET /init?pids=918e4a5c-bb5d-41eb-bce7-11161edd6a82 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nuancedigital.qa/
Origin: https://www.nuancedigital.qa
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 22 Oct 2022 17:13:25 GMT
access-control-allow-origin: https://www.nuancedigital.qa
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2