r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 08e6c2a84b9de97bdd5a18a3a63ae614
7efc3c3550bf303438e0ec910f78714588f3c72b
a3bfd5d99c99a5956cf91510743a0911b300938ae2095bfbadbc7f9485b4e3b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3BFD5D99C99A5956CF91510743A0911B300938AE2095BFBADBC7F9485B4E3B9"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4174
Expires: Mon, 31 Oct 2022 19:08:04 GMT
Date: Mon, 31 Oct 2022 17:58:30 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 37c018b30f8ecbca9d4c0606287c01d8
9f1ce6e9b6ee40dc53da9f686c35c985485b2425
e16c2bf8d2e615c8fcd5adc5faf01cd9cc523d0ef7fa29b648b372d2ecdc95c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2582
Cache-Control: max-age=144937
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 17:58:30 GMT
Etag: "635f95d9-1d7"
Expires: Wed, 02 Nov 2022 10:14:07 GMT
Last-Modified: Mon, 31 Oct 2022 09:31:05 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 37c018b30f8ecbca9d4c0606287c01d8
9f1ce6e9b6ee40dc53da9f686c35c985485b2425
e16c2bf8d2e615c8fcd5adc5faf01cd9cc523d0ef7fa29b648b372d2ecdc95c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2582
Cache-Control: max-age=144937
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 17:58:30 GMT
Etag: "635f95d9-1d7"
Expires: Wed, 02 Nov 2022 10:14:07 GMT
Last-Modified: Mon, 31 Oct 2022 09:31:05 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e59d16ee0744a08cb29d0f7e664a3827
f64722982e24ecc948f599edc76e36250ddf5112
2ef6e5bddd86663d50c9c66bc8b46f92534f4d0ef5e490a24fb876355ec006b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EF6E5BDDD86663D50C9C66BC8B46F92534F4D0EF5E490A24FB876355EC006B9"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4533
Expires: Mon, 31 Oct 2022 19:14:03 GMT
Date: Mon, 31 Oct 2022 17:58:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /kQieyLAwcmccdOM0xCuDk738RSBRdVrYPZgTaFywOWvh6z9wSsnxEsilQkjiWnLsqxCX3quPn4=
x-amz-request-id: KWMPGPWSM5VTXS48
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 31 Oct 2022 17:11:38 GMT
age: 2812
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 31 Oct 2022 17:58:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f646a3a97223c35e424ccb52d0ff73da
d88c49b4ac278348e6c669792334170911fb43dd
065a4e4db1b5f7d8231afbd3cb75ce74f0a74aee63bc12a79f5a8d050f55a05b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 243
Cache-Control: max-age=137539
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 17:58:31 GMT
Etag: "635f8217-1d7"
Expires: Wed, 02 Nov 2022 08:10:50 GMT
Last-Modified: Mon, 31 Oct 2022 08:06:47 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.228.200101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.228.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IwvuiLEjmBikok5re2kF8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: W7+JNDeTLrpPTtTVOBpD/niKDZ8=
nwl.com.qa/es/offerrogers
162.214.80.109301 Moved Permanently 0 B URL HTTP/1.1 nwl.com.qa/es/offerrogers
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /es/offerrogers HTTP/1.1
Host: nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 31 Oct 2022 17:58:31 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://www.nwl.com.qa/es/offerrogers
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: MISS
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9781
Expires: Mon, 31 Oct 2022 20:41:33 GMT
Date: Mon, 31 Oct 2022 17:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9781
Expires: Mon, 31 Oct 2022 20:41:33 GMT
Date: Mon, 31 Oct 2022 17:58:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f286e64f8de8d0158fe2a83cea74da23
b0e9fd228565aaf58ec455d743e39559a548fdbb
21c7fb0f3d2486d6655b5d6817dd90faafa18836c820a684215f9a29f1a4451c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21C7FB0F3D2486D6655B5D6817DD90FAAFA18836C820A684215F9A29F1A4451C"
Last-Modified: Mon, 31 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9781
Expires: Mon, 31 Oct 2022 20:41:33 GMT
Date: Mon, 31 Oct 2022 17:58:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6138c205ed582180977c00ae3231e5dd
76e15ea81dc440923032e72c3a8601124d895712
f5e7c84c06192e19ff0d5743031a770f79e89a7b41903ef37dab1bafb3978ac6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10683
x-amzn-requestid: e8e77d09-5ea6-4ac8-8327-d18c78168383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayV3aGtsoAMFa-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cfc-3af1e39158fbc9dd3b1f3cf9;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:37:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bXaLzFTgyeLjZlFqkAdhaX7XeNNQSvf5u9_rm2PZVH0vw_4tIk1Cyg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 21:48:30 GMT
age: 72602
etag: "76e15ea81dc440923032e72c3a8601124d895712"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda9e9d05-60e1-4306-8343-0c7528ff720b.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda9e9d05-60e1-4306-8343-0c7528ff720b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edcea499342cb4ca7e3c89244dc8d849
819d9d46a49d75af68dc0cc06b3f5e9f86ec2a23
b62cd13dbfc77ef5eed5e0325d5502b2de6e24dcbe038d05a5611b00ea6105be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda9e9d05-60e1-4306-8343-0c7528ff720b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4604
x-amzn-requestid: 0c493247-ae7e-4f88-b1e5-4edb7dbed418
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ajLO1Gu7IAMFWHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63578bf8-282d95bb13a0e224024608bd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 07:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iMDP-thn7HuLaQvocbtVTk2slo-zKJ3fqL-EVtuFhxV1fisNq5cBew==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 09:59:37 GMT
age: 28735
etag: "819d9d46a49d75af68dc0cc06b3f5e9f86ec2a23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8cfc555-4048-4e14-86b3-cc69eee56121.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8cfc555-4048-4e14-86b3-cc69eee56121.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75fc75d83e2c8db4b32c5a9fb53b31db
ff724242913f99f4d8d0d68a92b231b490072eab
fae871d41be568efd749a7b76d7d975020231053a0052df967a20b63589715ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8cfc555-4048-4e14-86b3-cc69eee56121.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10057
x-amzn-requestid: 11e904c9-7f64-460b-ac84-52fac380750b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a1py7G2_oAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635ef012-1bbd672d35611b964e43a108;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: a3K5kJ50FEOu1DhrLV6FURgIOjy9Gy6rNT-yQS14wMUpIdffGvE-vg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 22:09:38 GMT
age: 71334
etag: "ff724242913f99f4d8d0d68a92b231b490072eab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a5598b5025c779903462274690bb7e3
0f8f5bacc06a4ee8e3be25c1dc642d22b91bca5c
9b862b8885ab187323aa8f7fdd7cd712959fd7a0b02f5b74c98896be2c5eccd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9749
x-amzn-requestid: ec256f33-dd6c-42dc-976e-970755bcb610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a1oYkGpmoAMFtQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635eedd0-6758a6d921b2dca27986636f;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 21:34:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: S9PTswWNOvdqCk-YlJ3vvNPN8-34Qvhr4evopc1fiTezxEBFIRbugg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 21:50:43 GMT
age: 72469
etag: "0f8f5bacc06a4ee8e3be25c1dc642d22b91bca5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd751ee58-30ac-4801-b175-eef34972d923.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd751ee58-30ac-4801-b175-eef34972d923.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53d69c3bef28d25726742b55c6fc5db3
f3965e44e79aa70930eb930d78e5003a280dcc35
a5692ad67db9d441a180f29a731e8920d5a0d4b71cba2b30460625da06b67ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd751ee58-30ac-4801-b175-eef34972d923.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7066
x-amzn-requestid: 8969e237-7b33-4816-884e-f218a8f37530
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: afURYErFoAMFRsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635600d5-1cbc4bd44f24e1bd78d88d5d;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 03:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xIK8QjGWtn7UUAG2xmTjiMcBmUbX1BQjUO0gMiuoHx6vLOB9miUvOQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 21:48:08 GMT
age: 72624
etag: "f3965e44e79aa70930eb930d78e5003a280dcc35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07876b5-faa6-4aa0-a431-a5353c5e0126.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07876b5-faa6-4aa0-a431-a5353c5e0126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb3964a844616e8156299a91f6068d3b
dc8a6f2b451b87f4b8f4573daf9f3587d801e1ed
014216665e0feb6a3f64460d8dd50023d4621e10fd31180d6807c9eda8f57364
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07876b5-faa6-4aa0-a431-a5353c5e0126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: ede9fc0d-bac4-495c-8ecb-39cae7324858
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aznUqG2RIAMFn3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635e1f50-772b9c7e057f59c46cc7bd6f;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 06:53:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: h9FWRKRLJCQT9M7qKj7c7wdASXyF4eaogCiAmea4i3UQlnOugk1qUw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 31 Oct 2022 15:34:39 GMT
age: 8633
etag: "dc8a6f2b451b87f4b8f4573daf9f3587d801e1ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.nwl.com.qa/es/offerrogers
162.214.80.109404 Not Found 39 kB URL HTTP/1.1 www.nwl.com.qa/es/offerrogers
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62484), with CRLF, LF line terminators
Hash c65d3e76dfbc7c9c88fae39e17afd8dc
e62e126f6324dff0ccfd6e7a128417d86cef1ffc
baf0922d891511d16bee726dbd9dfbb93b41aa759717ea2d97243beea52a7b0c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /es/offerrogers HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Date: Mon, 31 Oct 2022 17:58:31 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.nwl.com.qa/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
www.nwl.com.qa/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
162.214.80.109200 OK 17 kB URL HTTP/1.1 www.nwl.com.qa/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Thu, 27 Oct 2022 09:56:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 16594
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 32e837c0fbe63274d45283b4a023dd6c
6f6548aab66b39153530fea54d95b20b85b24ef8
6cf1a45a66254ab7a94cf29a4ac72878c84303b214a3bf49eb637d6babbaf554
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 17:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nwl.com.qa/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
162.214.80.109200 OK 5.3 kB URL HTTP/1.1 www.nwl.com.qa/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 27 Oct 2022 09:56:56 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5321
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9c02f8cfeb5d8ec938bde86a8966f00d
7dc55d144bfbb789a8c7e5bf584697c2f2cd4e4f
55d5e19dccdd576ff492990021977abae84ee9acc24914f802880010c909f509
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 17:58:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nwl.com.qa/wp-content/plugins/bold-page-builder/slick/slick.css?ver=4.4.6
162.214.80.109200 OK 575 B URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/bold-page-builder/slick/slick.css?ver=4.4.6
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c7cd7eaaeceb626699c3f61cf0d97b31
7930a73cbfbc0683ebf12b982b4ec0ddf3498852
9782a15945372abd060dd052ac7e93e7239f7f4ac20ff8716c8f554a2e78855f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bold-page-builder/slick/slick.css?ver=4.4.6 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 25 Oct 2022 21:38:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 575
Content-Type: text/css
www.nwl.com.qa/wp-content/themes/gardena/framework/css/style.css?ver=6.0.3
162.214.80.109200 OK 116 B URL HTTP/1.1 www.nwl.com.qa/wp-content/themes/gardena/framework/css/style.css?ver=6.0.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 9c8882e2641e64acc9a4173e5e4f452d
f34909a775901cf62f72dce3b7234654fba13985
c278e430eedc1d9649450aec219b8c42b90e38afdea3325e7aaf2b88b1bc6a87
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/gardena/framework/css/style.css?ver=6.0.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:33:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 116
Content-Type: text/css
www.nwl.com.qa/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.7.3
162.214.80.109200 OK 13 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.7.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2586b72a57d56fcc09dfabcd84488de5
58d34cec79898ec005ba78f3b9cc600d1cd4ec96
21a7ae5c7541cd7322cdd1d73bcf1c5d1b47b830dd864079e6d8337a47d32839
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.7.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Mon, 31 Oct 2022 06:46:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12707
Content-Type: text/css
www.nwl.com.qa/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.7.3
162.214.80.109200 OK 4.4 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.7.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30283), with no line terminators
Hash c2c381b76f533a3992b1060b1e8275ed
8441603d412df07e265d70d72569bd3ed90c51ee
6b1c02e5f7f5a04d0320c0a69a67651c6c322b81dfcf1ad9ca29e0f7374cf613
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.7.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Mon, 31 Oct 2022 06:46:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4436
Content-Type: text/css
www.nwl.com.qa/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.1
162.214.80.109200 OK 900 B URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.1
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3432)
Hash 1e0ef5b4ebd931aecd01564980628978
e618b92e03a6c4bd4abffed22abb1e835c05a601
1deef467f6db854d82e8c6288086664c7cf60a41b18bb7216d63bb83061ba878
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.4.1 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Mon, 31 Oct 2022 06:46:25 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 900
Content-Type: text/css
www.nwl.com.qa/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0
162.214.80.109200 OK 21 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65497)
Hash b1abb71ece892830c47e5377eded385e
637ccc0f3fae4703bd1ee75dc2c91adbf1f223a9
bf9c33a6d85aa0b33ebbf7b2501ba6a6e61957cd689e9adaf1f1df51dc5ad187
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.0 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Mon, 31 Oct 2022 06:46:19 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/css
www.nwl.com.qa/wp-content/themes/gardena/style.css?ver=6.0.3
162.214.80.109200 OK 89 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/themes/gardena/style.css?ver=6.0.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text
Hash 92f3a0e477925696469ce9791a7bf94f
3e23b52d6f2f6fd3f624af1ee9b5b1c02b9dbbd9
32a38300a59bb931a2e7742a4a97f100026bbd26d72a588aa2ac3bfc0bddc4c0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/gardena/style.css?ver=6.0.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 25 Oct 2022 21:33:06 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/css
www.nwl.com.qa/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.214.80.109200 OK 4.6 kB URL HTTP/1.1 www.nwl.com.qa/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Thu, 27 Oct 2022 09:56:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4618
Content-Type: application/javascript
www.nwl.com.qa/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.7.3
162.214.80.109200 OK 80 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.7.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 6d26348a92eeb6194c1a3481e412b3ff
3e9bbd2aef414f89d04484f5cb23e6f2c7de7e82
b0bbe7e77b352b05538856a6ea95a1dcfd7cc33e4296f1798eab0b2019b6058e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.7.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Mon, 31 Oct 2022 06:46:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/css
www.nwl.com.qa/wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=4.4.6
162.214.80.109200 OK 138 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=4.4.6
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (375)
Size 138 kB (137894 bytes)
Hash 4cedc5e211e3871d52c3eb36bc6ee69f
a4526b2fb018651f6d6e21df799c89689042f394
6c6f9dc8cb1a262a5120dc8bc0fdce1841d58271b1be6ec6a39291ef20b16d48
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=4.4.6 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 25 Oct 2022 21:38:44 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/css
www.nwl.com.qa/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
162.214.80.109200 OK 39 kB URL HTTP/1.1 www.nwl.com.qa/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash feb933ceca72e1d76b471ed9db278b0d
6179e8f9c9876a6c4df5e3138e9f8ee2ac25bcd1
9a525fa92f98fd5ac754d60ea6f3676bcaa3870dd9bf057c8c668399922c9bd0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Thu, 27 Oct 2022 09:56:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
www.nwl.com.qa/wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=4.4.6
162.214.80.109200 OK 14 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=4.4.6
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (42862)
Hash e61b26be7b27fbf2a5c2f479364c12b8
ff046102856e16854639a9862521c193fa05e9d7
19f098db827ce2943ab549c6fb9b142c4cc70aa9ecd7d3afc657a3a0eed8be88
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=4.4.6 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:39:00 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 14332
Content-Type: application/javascript
www.nwl.com.qa/wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=4.4.6
162.214.80.109200 OK 9.2 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=4.4.6
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (20087)
Hash 7a10ae63b238729dc4da7f7bd8986219
654c47168dca0ec7080f6c57e8c4482b57f879d4
b782185399b361358f7c409d6f23f22d45f695dcbb63876c35752c7b1de72db3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=4.4.6 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:38:48 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 9204
Content-Type: application/javascript
www.nwl.com.qa/wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=4.4.6
162.214.80.109200 OK 9.2 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=4.4.6
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 470961ee0293aa120ba25b245f24ae8e
4579b62c93bd07e8dcd70cdd30439dcbcde8f67e
549d845cfd828785401ec2a0e73664a79bb0cb06a6f6a965197a34e53509bdfc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=4.4.6 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:38:50 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 9247
Content-Type: application/javascript
www.nwl.com.qa/wp-content/themes/gardena/framework/js/fancySelect.js?ver=6.0.3
162.214.80.109200 OK 2.0 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/themes/gardena/framework/js/fancySelect.js?ver=6.0.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 88cf9d5756f6bfeccde84f50d8330c00
ad7cd1f9493b06cb871fae6a620d24b4738091b7
fad0f9b6c807f71b0bce7b84fb13389ce6b906b229cfe7eedb60ce4ccfcfa517
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/gardena/framework/js/fancySelect.js?ver=6.0.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:33:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1999
Content-Type: application/javascript
www.nwl.com.qa/wp-content/themes/gardena/framework/js/header.misc.js?ver=6.0.3
162.214.80.109200 OK 3.3 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/themes/gardena/framework/js/header.misc.js?ver=6.0.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 32d8a03a6588f03372bd19b589ee43a3
fe29b6819f34f295f97e07a5686d40f3aaa97a69
802c008c90a718c74857b3f13001150b0ffc8227f56f0bd8c99537809020f45e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/gardena/framework/js/header.misc.js?ver=6.0.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:33:30 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3324
Content-Type: application/javascript
www.nwl.com.qa/wp-content/themes/gardena/framework/js/misc.js?ver=6.0.3
162.214.80.109200 OK 2.1 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/themes/gardena/framework/js/misc.js?ver=6.0.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5bee0a6bb045e46d8b0eb73876db19a0
da65b52c0f76cf95992bb38ec1a51bb695651570
0d4721159646cb812d4d725c21e4f4122b0e855d8e30bdbb43f969045a0eaf49
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/gardena/framework/js/misc.js?ver=6.0.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:33:30 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2137
Content-Type: application/javascript
www.nwl.com.qa/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.7.3
162.214.80.109200 OK 40 B URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.7.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 94d041d462db321cdb888066586f2068
717d2f9da7fb9f9e2bf2058a8177a0344f8a8647
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.7.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Mon, 31 Oct 2022 06:46:23 GMT
Accept-Ranges: bytes
Content-Length: 40
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Type: application/javascript
www.nwl.com.qa/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.7.3
162.214.80.109200 OK 54 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.7.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (45047)
Hash bcc42ba371dc2e6e10883f8dab49539d
8f0fec91c993cac2ea573e60132d6cf63dfb10a1
508982b1ce58826af6405339de2a40b335469a55d5f3a3883d8a922e198033de
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.7.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Mon, 31 Oct 2022 06:46:23 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
www.nwl.com.qa/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.1
162.214.80.109200 OK 2.9 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.1
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8016), with no line terminators
Hash 3fb911c81f788558bc6d1107199f3531
6dc32db62563450febea4e0f43b7da34defbb99a
7ac7ac2450edf5bb80788a92c271b0a0e806aacbfd4cced63e941a3035cf43c1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.4.1 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Mon, 31 Oct 2022 06:46:25 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2938
Content-Type: application/javascript
www.nwl.com.qa/wp-content/plugins/bold-page-builder/content_elements/bt_bb_section/bt_bb_elements.js?ver=4.4.6
162.214.80.109200 OK 693 B URL HTTP/1.1 www.nwl.com.qa/wp-content/plugins/bold-page-builder/content_elements/bt_bb_section/bt_bb_elements.js?ver=4.4.6
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash f773df13d5e566dbb9809bb2c44e8de6
2ac9e83185fcdedfc44bfaa8a886a7ca42aba66d
ec371ec41eae8c23693cb5ccc4fe07805fa0bee3109c47c16269f86895513194
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/bold-page-builder/content_elements/bt_bb_section/bt_bb_elements.js?ver=4.4.6 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:39:20 GMT
Accept-Ranges: bytes
Cache-Control: max-age=21600
Expires: Mon, 31 Oct 2022 23:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 693
Content-Type: application/javascript
www.nwl.com.qa/wp-content/themes/gardena-child/style.css?ver=1.0.0
162.214.80.109200 OK 273 B URL HTTP/1.1 www.nwl.com.qa/wp-content/themes/gardena-child/style.css?ver=1.0.0
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash ec5464a46d3b07700f144437781b4729
e3c89bf2c54eeaa3f7eb39cd423a23a32bb93aac
45a84de36fccee7815b8a8edd9ba69792935b0d13fd210968e9dd65e7445bf9f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/gardena-child/style.css?ver=1.0.0 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:33 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:34:16 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:33 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 273
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5580dc56f5c8e3012864d54092c07b3a
fb9997cf8b29e970213ed34a4d637bb8525a6eb0
cadce1c220b25d204eabfced3ba1f72efc34c3273f372dc90f098e78d4f038ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5580dc56f5c8e3012864d54092c07b3a
fb9997cf8b29e970213ed34a4d637bb8525a6eb0
cadce1c220b25d204eabfced3ba1f72efc34c3273f372dc90f098e78d4f038ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notosanstc/v26/-nFkOG829Oofr2wohFbTp9i9kwMvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
216.58.207.195200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/notosanstc/v26/-nFkOG829Oofr2wohFbTp9i9kwMvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), CFF, length 24988, version 1.0\012- data
Hash c687f6074815401ada189662dec3dcc0
0296a20919064dcd6e3c65e0a953ea568b59eb63
7f6414cf2eb4aacdc05b32aa5c2b57d2b3d611ca6ec0d4e4ecc3a57a85b9fb1a
GET /s/notosanstc/v26/-nFkOG829Oofr2wohFbTp9i9kwMvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.nwl.com.qa
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Oct 2022 07:12:13 GMT
expires: Wed, 25 Oct 2023 07:12:13 GMT
cache-control: public, max-age=31536000
age: 557181
last-modified: Mon, 09 May 2022 18:55:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data
Hash af4d371a10271dafeb343f1eace762bc
6d11d743bc3cfb169d70bc86450f18351dc1a905
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.nwl.com.qa
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 19:50:33 GMT
expires: Thu, 26 Oct 2023 19:50:33 GMT
cache-control: public, max-age=31536000
age: 425281
last-modified: Wed, 27 Apr 2022 16:52:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.nwl.com.qa
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 19:30:59 GMT
expires: Thu, 26 Oct 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 426455
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.nwl.com.qa/wp-content/themes/gardena/print.css?ver=6.0.3
162.214.80.109200 OK 431 B URL HTTP/1.1 www.nwl.com.qa/wp-content/themes/gardena/print.css?ver=6.0.3
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 6019e5d18777ff7cd4c6c43c8925302a
dda47c4bfe7298880111cd696848149bb8f6ebff
461259079806f26bd545169ee0d99073195d39e080ebf5b560b89c159915fcad
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/gardena/print.css?ver=6.0.3 HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:34 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:33:06 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Wed, 30 Nov 2022 17:58:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 431
Content-Type: text/css
nwl.mm.qa/wp-content/uploads/2022/10/MM-Main-Logo-2-300x92-1.png
159.223.41.111200 OK 12 kB URL HTTP/2 nwl.mm.qa/wp-content/uploads/2022/10/MM-Main-Logo-2-300x92-1.png
IP 159.223.41.111:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 300 x 92, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f93b3d14cf0117f47a038e199a8cb34
6d932a39f0384cdcda97ec3e2d238b1bbdb23adf
dea483d71648b593071399fc12767f6c79c41e5fc5055d9dedf1de2ea021e9db
GET /wp-content/uploads/2022/10/MM-Main-Logo-2-300x92-1.png HTTP/1.1
Host: nwl.mm.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nwl.com.qa/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 31 Oct 2022 17:58:33 GMT
content-type: image/png
content-length: 11736
last-modified: Mon, 03 Oct 2022 18:53:25 GMT
etag: "633b2fa5-2dd8"
cache-control: public, max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5580dc56f5c8e3012864d54092c07b3a
fb9997cf8b29e970213ed34a4d637bb8525a6eb0
cadce1c220b25d204eabfced3ba1f72efc34c3273f372dc90f098e78d4f038ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 17:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nwl.com.qa/wp-content/themes/gardena/gfx/plug.png
162.214.80.109200 OK 23 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/themes/gardena/gfx/plug.png
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 313 x 530, 8-bit/color RGBA, non-interlaced\012- data
Hash 4e7128253124f382bfa76f0aef4122ba
9ca14ce06937f43c1b4b831af83bca1fb522d32e
c425034ab60bd81433cfdf6aa38b35f79ecac4d76bd39b3b37da6bb325fcdcf3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/gardena/gfx/plug.png HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:34 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 21:33:42 GMT
Accept-Ranges: bytes
Content-Length: 23119
Cache-Control: max-age=31536000
Expires: Tue, 31 Oct 2023 17:58:34 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Type: image/png
www.nwl.com.qa/wp-content/uploads/2022/10/cropped-NWL-Favicon-192x192.png
162.214.80.109200 OK 17 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/uploads/2022/10/cropped-NWL-Favicon-192x192.png
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d4181052d10e3ffaefccf74cf3c3437
9f242aa800c23e24a359ff913becffe6f396eda0
2c4c61036cc12245ce4ef19f5f829caaf8fc9cf0d82b10d1b745588b4ed679e7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/cropped-NWL-Favicon-192x192.png HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 17:58:34 GMT
Server: Apache
Last-Modified: Tue, 25 Oct 2022 20:45:52 GMT
Accept-Ranges: bytes
Content-Length: 16978
Cache-Control: max-age=31536000
Expires: Tue, 31 Oct 2023 17:58:34 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Type: image/png
www.nwl.com.qa/wp-content/uploads/2022/10/cropped-NWL-Favicon-32x32.png
162.214.80.109404 Not Found 39 kB URL HTTP/1.1 www.nwl.com.qa/wp-content/uploads/2022/10/cropped-NWL-Favicon-32x32.png
IP 162.214.80.109:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62484), with CRLF, LF line terminators
Hash b729ed59c92e9db6e2392573cf5593a0
9f18ad337bafafaeffb4a7f0879b17b41fd14ddb
f9581348a9d70422ca21737c1a1dc93b5135b748dbdd51ecb5dbe0dce123d11c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/cropped-NWL-Favicon-32x32.png HTTP/1.1
Host: www.nwl.com.qa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.nwl.com.qa/es/offerrogers
HTTP/1.1 404 Not Found
Date: Mon, 31 Oct 2022 17:58:34 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://www.nwl.com.qa/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
fonts.googleapis.com/css?family=Noto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CNoto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CNoto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CNoto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSpectral%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CNoto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CNoto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CNoto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSpectral%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0
IP 142.250.74.10:0
GET /css?family=Noto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CNoto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CNoto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CNoto+Sans+TC%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSpectral%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CPoppins%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.nwl.com.qa/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 31 Oct 2022 17:58:33 GMT
date: Mon, 31 Oct 2022 17:58:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2