| iieg.egy-best.net/login.php | 188.114.97.1 | 301 Moved Permanently | 0 B |
URL HTTP/1.1iieg.egy-best.net/login.php IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /login.php HTTP/1.1
Host: iieg.egy-best.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 31 Dec 2022 10:17:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 31 Dec 2022 11:17:55 GMT
Location: https://iieg.egy-best.net/login.php
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAgrFf%2BwSsf8ckScVc0JsgKr%2FCQkXojpZEWHq%2BptStJKruUUHIxHv7WDEiDqLNZam9Yd2Ldc00%2FePeWA2S2bpxdx6sQxRbgLKuqmnzoZRC1niL6iSzUdtAemjww04ocgb5pUBg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 782244ab49aab51b-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0e93d32de9bcebd3483b40a8fed30718 7e1fe5db1f08b75a079780717e4f18ad76767212 4f0aaacfefd27c89225a1a0d2fbe778ec4f3369b5e4e1599255bf12866196cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F0AAACFEFD27C89225A1A0D2FBE778EC4F3369B5E4E1599255BF12866196CD4"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3646
Expires: Sat, 31 Dec 2022 11:18:41 GMT
Date: Sat, 31 Dec 2022 10:17:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5c6a87f6d6b5c54dcb1b630ae6001c73 e0315c9936d6f2f58ff7d078e74a8ec7802265a8 d88ef07b9fcfb42d27a490cb57df4adaf3261efc7d0b38246db387da3ca32a8d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D88EF07B9FCFB42D27A490CB57DF4ADAF3261EFC7D0B38246DB387DA3CA32A8D"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6439
Expires: Sat, 31 Dec 2022 12:05:14 GMT
Date: Sat, 31 Dec 2022 10:17:55 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 31 Dec 2022 09:35:39 GMT
content-type: application/json
age: 2537
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6d6d99cd1201f65eeb7d437b62bad1f3 6d5e41d7a2786ccaad7c7276ecdd9411f8cbd6ba db2b42007fc4ad126c8af8d7cce27af88947231d09ded56da33cfee3d2594e23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB2B42007FC4AD126C8AF8D7CCE27AF88947231D09DED56DA33CFEE3D2594E23"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3982
Expires: Sat, 31 Dec 2022 11:24:18 GMT
Date: Sat, 31 Dec 2022 10:17:56 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashb1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 207/77+1VB+RfwpAUDe97TqxpFvprApcGarwdrBwtQRx0RAeub/bS1Nq4zBZ3S5sKsslvRQStag=
x-amz-request-id: 7Q3F7W9SAAZNMD0A
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 31 Dec 2022 09:57:23 GMT
age: 1233
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 31 Dec 2022 10:17:56 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashde1091526f6e1649dc1063b6d17339b4 9e7c524379d3fef233c0b67669d4267a9c562181 005cb5e18d300d8edf8ca3477fc4dc6bc26b270ab2cf5aa1927edfa931cb192e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=170706
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 10:17:56 GMT
Etag: "63b00426-118"
Expires: Mon, 02 Jan 2023 09:43:02 GMT
Last-Modified: Sat, 31 Dec 2022 09:43:02 GMT
Server: nginx
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hashde1091526f6e1649dc1063b6d17339b4 9e7c524379d3fef233c0b67669d4267a9c562181 005cb5e18d300d8edf8ca3477fc4dc6bc26b270ab2cf5aa1927edfa931cb192e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=170706
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 10:17:56 GMT
Etag: "63b00426-118"
Expires: Mon, 02 Jan 2023 09:43:02 GMT
Last-Modified: Sat, 31 Dec 2022 09:43:02 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 31 Dec 2022 10:08:10 GMT
age: 586
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 3.7 kB |
IP93.184.220.29:0
Hash2a86fd415725ef90bf0dbef07a58ffe4 30ad929427742da9d122c560780e2bcfb3fb00ed b0488fcdb9a8b3e49db232a57e8b8c6106a3edb9531bce2daa1cf4a20acf135b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2044
Cache-Control: max-age=124880
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 10:17:56 GMT
Etag: "63af4928-117"
Expires: Sun, 01 Jan 2023 20:59:16 GMT
Last-Modified: Fri, 30 Dec 2022 20:25:12 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 2.6 kB |
IP93.184.220.29:0
Hash8056b6c8b985707ebfe956b31f497fbf 384a5f34bee4c32135ee227e30074a3f1db5451f 9f731cb3718da71125eb152f1e8d2a21a0bdb2eed4bc17461d5bfc88b8c15427
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1311
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 10:17:56 GMT
Last-Modified: Sat, 31 Dec 2022 09:56:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 280
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js | 104.17.24.14 | 200 OK | 27 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js IP104.17.24.14:0
File typeASCII text, with very long lines (32065) Hash63827323c175768ccb0e8ed54589a3e5 9760e238d6ecced66396798559f70593793d801e 196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 10:17:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8102936
expires: Thu, 21 Dec 2023 10:17:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wx5Vs22mmK%2FXfQJ%2Ff4351X5ri%2BWw7AfBZYb5XnhR4fI%2BY4hzIvhAVQ3j1BtbLNw5mArnZV891Ht4e9cwCEkphjjjxRIdJi2kAo6Fg%2B6YKqrjZ8fTH3ruhNmAAI7ji5LREDacNwJB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 782244b1481ab51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 2.1 kB |
IP93.184.220.29:0
Hash95e44ffc55a94e5722f37f1d85b8f6db 1321e6cb6da3ffedca8baba8d5000786dbd40b30 6587b491d3c7e420dc4edc3d9189329257c53c36d5400a52aeed69ab17188b55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 250
Cache-Control: max-age=168784
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 10:17:56 GMT
Etag: "63affbaa-1d7"
Expires: Mon, 02 Jan 2023 09:11:00 GMT
Last-Modified: Sat, 31 Dec 2022 09:06:50 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 918 B |
IP142.250.74.131:0
Hasha8f815d138002b1f628dda18a162a4d8 f2407b4ea91326187f325e8e43a5b7157dbfdb00 ea0c131e9ff5b063b6053cd629c61af953b97559d3c38b477b6c2db0e8a9f2ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 10:17:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| code.jquery.com/jquery-migrate-1.2.1.min.js | 69.16.175.10 | 200 OK | 3.1 kB |
URL HTTP/2code.jquery.com/jquery-migrate-1.2.1.min.js IP69.16.175.10:0
File typeASCII text, with very long lines (7085) Hashe1084a25976d8b8999acadc7350ffb48 99b723d38b78d8347e8dfa60193b12864a370227 b98359c65420aa3864d5b86ef94c4c9a5fb8c772a905884a5ba4ce55319a3d13
GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 10:17:56 GMT
content-encoding: gzip
content-length: 3063
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1c1f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.COS0wJ0GEocBCiQ3MTQ2OWJlZC1jYjk2LTQ3NDgtODY2NC1mYmMwOWQ0OGE3OGQQ+OiCoKvU+wIaBgjUmMCdBiIMOTEuOTAuNDIuMTU0KK3VAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GisIARIkZDY1MDQ1Y2YtOWUxMS00MjYzLTg4NGYtZGExYmIzNWFlZjg2GPcXIhgIAhIUY2RzMjQyLnNrMS5od2Nkbi5uZXQ=.Kx6xjvyghIO3ODHTgVkpJwC1kdCCdtLERFcuiWx7asY=
x-hw: 1672481876.dop023.sk1.t,1672481876.cds262.sk1.hn,1672481876.cds242.sk1.c
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 1.1 kB |
IP142.250.74.131:0
File typegzip compressed data, from Unix\012- data Hash3ebfefb4ef45a2ddb127747ef4a12bc4 df3250463ca4bbf9c58f2f5a9fa6942edc9f90dc 4e61476ab06d0609f112926ac1f29dd4a42444273f60c007bfa5f9ffcadbee98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 10:17:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 5.7 kB |
IP93.184.220.29:0
Hash38b19f34615e766800a91e6e772ed169 fa9d9d7f570be5d2c74e5fdea6728ea1249d789c d1acec882636a097fda1529b606db83f8a25656dea791ddb91ab89b79a18ce89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2044
Cache-Control: max-age=124880
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 10:17:56 GMT
Etag: "63af4928-117"
Expires: Sun, 01 Jan 2023 20:59:16 GMT
Last-Modified: Fri, 30 Dec 2022 20:25:12 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 1.4 kB |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash048d1515477143df3afb666aaa0197cb 1217bcc16d78df1f3b6e3bfab98445023c462638 99906b83d3f4bc1fe2a72b52018de57d24311b31d449ec2b3ea16ce20c2bf575
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1511EB0C1006FF7665A0CC84E5094C814BC459863248C3528025575F2861ED15"
Last-Modified: Fri, 30 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7576
Expires: Sat, 31 Dec 2022 12:24:12 GMT
Date: Sat, 31 Dec 2022 10:17:56 GMT
Connection: keep-alive
|
|
| fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700 | 142.250.74.106 | 200 OK | 1.1 kB |
URL HTTP/2fonts.googleapis.com/css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700 IP142.250.74.106:0
Hash36ee12d7194ebf794f5dc5ce21445721 a919394d3b9f12cc1cf799089d0132e700afd483 131a5db25e0a0d3fb5c3c024ec5ee85e6767d2acaa68cd91ffad97974b725fde
GET /css?family=Roboto:400,300,500,700|Noticia+Text:400,400italic,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 31 Dec 2022 10:17:56 GMT
date: Sat, 31 Dec 2022 10:17:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-123348492-7 | 142.250.74.168 | 200 OK | 44 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-123348492-7 IP142.250.74.168:0
File typeASCII text, with very long lines (1921) Hash0f814fef9bc6679342df427479f1b46a 8e75557ce141781270edf7d2bccc158805244e9d e93567986b0cf7a930f1f232d6175faf2aed2715c3aaceef60d583d8b2321729
GET /gtag/js?id=UA-123348492-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 31 Dec 2022 10:17:56 GMT
expires: Sat, 31 Dec 2022 10:17:56 GMT
cache-control: private, max-age=900
last-modified: Sat, 31 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43632
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 7.6 kB |
IP142.250.74.131:0
Hash9324a39b969b2d82de58b07a53d742b0 306666eb067d7e3f9fb11b541c8736f1c6505d66 bea56f2d816071816ced0b15da1fb0967104e69763e21919914fef9539a1822f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 10:17:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash2b5593d2ab79d3712ed8b96dd22b5465 653a41ce6edf4a7bba2ddf88cd525291fcb2ca0b 34fc88630bd744b6e764b96eecfbddb1bb9166eec8de596081e3e97839631dea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 10:17:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash443ce41ff97c3750498c922cc5a9e090 1e99d6ee75817c8a2ad85b31470aa6fa3e60df22 d616c380af3f7b454bd1a0fdae2796fbc20c6eb30f3b975957d9bb0b5f42a711
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D616C380AF3F7B454BD1A0FDAE2796FBC20C6EB30F3B975957D9BB0B5F42A711"
Last-Modified: Fri, 30 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13991
Expires: Sat, 31 Dec 2022 14:11:07 GMT
Date: Sat, 31 Dec 2022 10:17:56 GMT
Connection: keep-alive
|
|
| use.fontawesome.com/releases/v5.8.2/webfonts/fa-brands-400.woff2 | 172.64.133.15 | 200 OK | 76 kB |
URL HTTP/2use.fontawesome.com/releases/v5.8.2/webfonts/fa-brands-400.woff2 IP172.64.133.15:0
Hash6e26d77872a28a37d550b1d826ad3610 5a8a1ddff2f21a18640dd53193003b35094870ee 5378fd72313c7d5651facb8a10beecd8f60c3971e26df926835d188bfc49ac60
GET /releases/v5.8.2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://masr.egy-best.net
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 31 Dec 2022 10:17:56 GMT
content-type: font/woff2
content-length: 74656
x-amz-id-2: kaESM1XOsKVCVzW+/E+YWLzQyig2J7MKLcnXWnLUc5d90+ov48VFUz8miGXASTm1jNe5lXpeyzY=
x-amz-request-id: 0CKNFA04T22MY0EM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:20 GMT
etag: "9f4ce3dc689981a1b87faab0f5484f9e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1019315
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHTNRTjWLEeF%2B22DpzU6Zi6n2uluGFtA6AdHwL9wwi92ZO7uCH1WcTzKb2ayofAWMvlWDaJiEFg0lm7eNL9iPdiOmM4FR2ybUoJEHSuUvMqgSvqOaUckPPdDrIx98Hc978bLKlnR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 782244b24fe9771d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.8.2/webfonts/fa-regular-400.woff2 | 172.64.133.15 | 200 OK | 14 kB |
URL HTTP/2use.fontawesome.com/releases/v5.8.2/webfonts/fa-regular-400.woff2 IP172.64.133.15:0
File typeWeb Open Font Format (Version 2), TrueType, length 13584, version 329.-17695\012- data Hash7980a6361c25b4665dbbe92d4488783c 22516802ef9ac878298519c18ffab11769ee6cd7 9da8be2e5def63c77f53ed660306098debe21d622c79756180a4a626ba21c6af
GET /releases/v5.8.2/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://masr.egy-best.net
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 31 Dec 2022 10:17:56 GMT
content-type: font/woff2
content-length: 13584
x-amz-id-2: BVgOP20RxFlu0mbAm9EzuooUW5bs7KxHzv8DYt33ABhgQxSIjo0ghoBo4UPsjKtJ5dEJF/QI2PU=
x-amz-request-id: 0CKWTER5XYWV8A3B
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:20 GMT
etag: "7980a6361c25b4665dbbe92d4488783c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1019315
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c8f%2Fm5ZVrS%2B2t5PaW5RayB2J8Jx7zJ98s9icsSgRDRL6D9bLkn29nn%2FmBuZu2t6449HnuuGDvsFTEwwa68tGCQyuIjghgDbPmIP2LYZNYtGoktXWbp03sGn%2BJ1PD5t6NIOsZLx6w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 782244b26808771d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| henoticpipi.com/gokFmMUPxMej/45553 | 23.109.248.164 | 200 OK | 26 B |
URL HTTP/1.1henoticpipi.com/gokFmMUPxMej/45553 IP23.109.248.164:0
File typeASCII text, with no line terminators Hash4e5d65669f8dcd928dad06adf883f025 d771713d758c3348dd7e5b38bb40c7935399ae46 0bebbf029fa045e4f462855e6c44edf8aaa36ded05b07a8ce456b67416d20c95
Analyzer | Verdict | Alert | fortinet | Malware | |
GET /gokFmMUPxMej/45553 HTTP/1.1
Host: henoticpipi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 31 Dec 2022 10:17:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://masr.egy-best.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 01-Jan-2023 10:17:56 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sun, 01-Jan-2023 10:17:56 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 12 kB |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashd2b7b43b7d927c962db6cf47921b45dd 01bbde94b3ab24b798ace57313f159c03e54fddf cf4b9ad3822e38200617620dc3586ae00f00264d2c19bf6ab88f33df06b4729e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0EA14C9688A0F84E73BFB224FAAF8302FAE78C5EAA2A50EB7A1E9441BEB78D7C"
Last-Modified: Wed, 28 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17306
Expires: Sat, 31 Dec 2022 15:06:22 GMT
Date: Sat, 31 Dec 2022 10:17:56 GMT
Connection: keep-alive
|
|
| s10.histats.com/js15_as.js | 46.105.201.240 | 200 OK | 4.4 kB |
URL HTTP/2s10.histats.com/js15_as.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (11440), with no line terminators Hashed192092c129db6123a3397855f42619 067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 10:12:18 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 915013916
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 35.164.56.167 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.164.56.167:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eE4irmErs/w4y8+XRlOcbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RwNsJBnBIs22bujVReGa4TfHdM4=
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashea77e8061f4e5eb041d7ba81a93ab1ce 07a57d2a4c725b5508a7dcf65501fb5a8ea8f395 264f9e839d07b7c6ff5402252ea5421e5f13c53efc3903165a24c050332c5382
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "264F9E839D07B7C6FF5402252EA5421E5F13C53EFC3903165A24C050332C5382"
Last-Modified: Fri, 30 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9733
Expires: Sat, 31 Dec 2022 13:00:10 GMT
Date: Sat, 31 Dec 2022 10:17:57 GMT
Connection: keep-alive
|
|
| my.rtmark.net/gid.js?userId=01130c2f4b5a4257a3ced065322b3584 | 139.45.195.8 | 200 OK | 65 B |
URL HTTP/2my.rtmark.net/gid.js?userId=01130c2f4b5a4257a3ced065322b3584 IP139.45.195.8:0
File typeJSON data\012- , ASCII text Hash68b68b88f247cc69ec035992cffdc8d8 921d54581d568c32232b39872429f5aef7b870c1 f1d486ce9513898c3bda8f60d965ac54126bbf9c41e6f2f255fb96ddbb5c6b8d
GET /gid.js?userId=01130c2f4b5a4257a3ced065322b3584 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://masr.egy-best.net
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 31 Dec 2022 10:17:57 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://masr.egy-best.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=01130c2f4b5a4257a3ced065322b3584; expires=Sun, 31 Dec 2023 10:17:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.110 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.110:0
File typeASCII text, with very long lines (1325) Hash47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 31 Dec 2022 08:41:11 GMT
expires: Sat, 31 Dec 2022 10:41:11 GMT
cache-control: public, max-age=7200
age: 5806
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| s4.histats.com/stats/0.php?4416498&@f16&@g1&@h1&@i1&@j1672481870383&@k0&@l1&@m%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%AF%D8%AE%D9%88%D9%84%20-%20EgyBest%20-%20%D8%A7%D9%8A%D8%AC%D9%8A%20%D8%A8%D8%B3%D8%AA%20%D8%A7%D9%84%D8%A7%D8%B5%D9%84%D9%8A%20-%20%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%8A%D8%AC%D9%8A%20%D8%A8%D8%B3%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20-%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D9%88%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:18040709&@b3:1672481870&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmasr.egy-best.net%2Flogin.php&@w | 54.39.128.117 | 200 OK | 1.1 kB |
URL HTTP/1.1s4.histats.com/stats/0.php?4416498&@f16&@g1&@h1&@i1&@j1672481870383&@k0&@l1&@m%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%AF%D8%AE%D9%88%D9%84%20-%20EgyBest%20-%20%D8%A7%D9%8A%D8%AC%D9%8A%20%D8%A8%D8%B3%D8%AA%20%D8%A7%D9%84%D8%A7%D8%B5%D9%84%D9%8A%20-%20%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%8A%D8%AC%D9%8A%20%D8%A8%D8%B3%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20-%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D9%88%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:18040709&@b3:1672481870&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmasr.egy-best.net%2Flogin.php&@w IP54.39.128.117:0
Hash3b0ad3dedea0936d16364af9890ec718 3d12a1c5d80177bd5d96f7d8302a4b354d439555 03d638a284ab25799bfcbbad6f978b01e5c0a02fa056b93a8a943b5f7552a459
GET /stats/0.php?4416498&@f16&@g1&@h1&@i1&@j1672481870383&@k0&@l1&@m%D8%AA%D8%B3%D8%AC%D9%8A%D9%84%20%D8%AF%D8%AE%D9%88%D9%84%20-%20EgyBest%20-%20%D8%A7%D9%8A%D8%AC%D9%8A%20%D8%A8%D8%B3%D8%AA%20%D8%A7%D9%84%D8%A7%D8%B5%D9%84%D9%8A%20-%20%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%8A%D8%AC%D9%8A%20%D8%A8%D8%B3%D8%AA%20%D8%A7%D9%84%D8%AC%D8%AF%D9%8A%D8%AF%20-%20%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D8%A7%D9%81%D9%84%D8%A7%D9%85%20%D9%88%D9%85%D8%B3%D9%84%D8%B3%D9%84%D8%A7%D8%AA%20%D8%A7%D9%88%D9%86%20%D9%84%D8%A7%D9%8A%D9%86&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:18040709&@b3:1672481870&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmasr.egy-best.net%2Flogin.php&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 10:17:57 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 52
Connection: close
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash118862dd91acadbe96bd8df464b5d944 1f18ca3394c0502b2447001d8115d8f69211a72b 599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10276
Expires: Sat, 31 Dec 2022 13:09:14 GMT
Date: Sat, 31 Dec 2022 10:17:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash118862dd91acadbe96bd8df464b5d944 1f18ca3394c0502b2447001d8115d8f69211a72b 599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10276
Expires: Sat, 31 Dec 2022 13:09:14 GMT
Date: Sat, 31 Dec 2022 10:17:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash118862dd91acadbe96bd8df464b5d944 1f18ca3394c0502b2447001d8115d8f69211a72b 599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10276
Expires: Sat, 31 Dec 2022 13:09:14 GMT
Date: Sat, 31 Dec 2022 10:17:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash118862dd91acadbe96bd8df464b5d944 1f18ca3394c0502b2447001d8115d8f69211a72b 599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10276
Expires: Sat, 31 Dec 2022 13:09:14 GMT
Date: Sat, 31 Dec 2022 10:17:58 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5875cc8-7c26-4fd6-bc91-e5a323afe2d2.jpeg | 34.120.237.76 | 200 OK | 4.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5875cc8-7c26-4fd6-bc91-e5a323afe2d2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe61180c1c331a8f46180dde734bd634b 6c5b34d27f670dbb6dd7a66d53d54167876cc14f b0b7c9448bfa0c5708201e8c146c7254cb1cebc2e951e463b19d3e51886b369f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5875cc8-7c26-4fd6-bc91-e5a323afe2d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4838
x-amzn-requestid: 5f982c3c-5561-4d21-9b83-e7dd7b95e152
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sLGHNNIAMF5ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a46-7dc539316849f9b574287b9f;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YmXdRrDR4EMHfkyv7pXlaHUuzgOEEghrzdH0epespJrxWog26EjH8A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:49:14 GMT
age: 44924
etag: "6c5b34d27f670dbb6dd7a66d53d54167876cc14f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| eephaush.com/?rb=RR83WhFIoa_6CzDdF3YDy4FCb-tIVhgz7aCJUw84AhSdLNpi4Iovbd3HdIxD0qTHqTRabnvCBKdnKVfTeqDYpeub9jfeJCBKc7wNEK19_elCxPti7An-g2GJG9PP8M51OItGPxbEvr_JuzGQxUo1YBsl4qZYQwysPt12eXyWHUCKFxyj5cCITj_vMBQ5hhwAA1S-CtJH09J7cbKExvqO80WHZw667HdPEhXGVsBOnFS-BAQP&request_ab2=0&zoneid=4601741&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fmasr.egy-best.net%2Flogin.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=638a330a-396e-4f84-a232-785b7b9c62f0&userId=01130c2f4b5a4257a3ced065322b3584&m=link | 139.45.197.236 | 200 OK | 29 kB |
URL HTTP/2eephaush.com/?rb=RR83WhFIoa_6CzDdF3YDy4FCb-tIVhgz7aCJUw84AhSdLNpi4Iovbd3HdIxD0qTHqTRabnvCBKdnKVfTeqDYpeub9jfeJCBKc7wNEK19_elCxPti7An-g2GJG9PP8M51OItGPxbEvr_JuzGQxUo1YBsl4qZYQwysPt12eXyWHUCKFxyj5cCITj_vMBQ5hhwAA1S-CtJH09J7cbKExvqO80WHZw667HdPEhXGVsBOnFS-BAQP&request_ab2=0&zoneid=4601741&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fmasr.egy-best.net%2Flogin.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=638a330a-396e-4f84-a232-785b7b9c62f0&userId=01130c2f4b5a4257a3ced065322b3584&m=link IP139.45.197.236:0
Hash6c23a9065628eba986c7ad70cdb72e01 7e548b1b79e24c58f0ea5da1430027e6dbe15ce7 77cf6d78ccd9a7b9980177dadb70391e8502be1ab9a9c0493d2c139534d8168a
GET /?rb=RR83WhFIoa_6CzDdF3YDy4FCb-tIVhgz7aCJUw84AhSdLNpi4Iovbd3HdIxD0qTHqTRabnvCBKdnKVfTeqDYpeub9jfeJCBKc7wNEK19_elCxPti7An-g2GJG9PP8M51OItGPxbEvr_JuzGQxUo1YBsl4qZYQwysPt12eXyWHUCKFxyj5cCITj_vMBQ5hhwAA1S-CtJH09J7cbKExvqO80WHZw667HdPEhXGVsBOnFS-BAQP&request_ab2=0&zoneid=4601741&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fmasr.egy-best.net%2Flogin.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=638a330a-396e-4f84-a232-785b7b9c62f0&userId=01130c2f4b5a4257a3ced065322b3584&m=link HTTP/1.1
Host: eephaush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://masr.egy-best.net/
Origin: https://masr.egy-best.net
Connection: keep-alive
Cookie: OAID=01130c2f4b5a4257a3ced065322b3584; oaidts=1672481876
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 31 Dec 2022 10:17:57 GMT
content-type: application/json
x-trace-id: c02a05d9705a8b0e6cfc901521a8328e
access-control-allow-origin: https://masr.egy-best.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=01130c2f4b5a4257a3ced065322b3584; expires=Sun, 31 Dec 2023 10:17:57 GMT; path=/; secure; SameSite=None
oaidts=1672481877; expires=Sun, 31 Dec 2023 10:17:57 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 07 Jan 2023 10:17:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25f9647b-a062-474a-96b2-0b04f5e0328c.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25f9647b-a062-474a-96b2-0b04f5e0328c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc931888a790ebf9a456e6096ab46bd34 971c55aff0dbb01ac93a2c9649be6633880e09ac ba3d85fe6776c7f329d5fdb1febdbd6f3c09317029851940e3c99aeaee8d2400
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25f9647b-a062-474a-96b2-0b04f5e0328c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: f45ce04a-b0b1-4445-b6de-0f027bfc4264
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duqbtEQ3oAMFnEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8f117-6bc757e462070f3670bd962e;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 00:55:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IDgaaS-nBYdMd6IBnSfKiMBwho7g-C5oaNcCi-Tj2mb5i1fVqF3HOw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 00:40:48 GMT
age: 34630
etag: "971c55aff0dbb01ac93a2c9649be6633880e09ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1874564-89d0-4e8a-96f1-26aa13ef8307.jpeg | 34.120.237.76 | 200 OK | 7.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1874564-89d0-4e8a-96f1-26aa13ef8307.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashaeb8f265207dab756973b9dacac29d05 bcc455a8e604fb95085b5a2feda165452240fe5b 80fcb11a40c9127d6452762b0ff859eefab572a0a804ddeef3fae04651f9a4da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1874564-89d0-4e8a-96f1-26aa13ef8307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7149
x-amzn-requestid: 830ef706-5466-4589-951d-f0bb04059b33
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d42OPEOroAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad03f4-1c7c3dab40e6732e7f647c48;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 03:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _tchheOQ3G2v4NUxs-L-t-dgpE1L81Yu9ONoZFQY-jS5f9tn4oumPw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 04:06:12 GMT
age: 22306
etag: "bcc455a8e604fb95085b5a2feda165452240fe5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78e203f1-c52c-41a6-8634-ba90611fe8c7.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78e203f1-c52c-41a6-8634-ba90611fe8c7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2ac0f201926a22e91be6d4441014a13e 967a18ebd746598a67d5bd2d8a505acad7cb4152 82f1e0b97e3c306e0367fec75f348fa99b93bc8b435195daea34c87f96fbcdbf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78e203f1-c52c-41a6-8634-ba90611fe8c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12184
x-amzn-requestid: 12cc17c1-e6c8-4642-aa50-5a51b898455c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKDGxEIAMFhhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-1e42f57c26b8caff3dccdf38;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -bV0p_dRF3iXthoAQtFXcGZUibwV57PDHAKNiMnYZdgLa8HoVhJhbw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:48:35 GMT
age: 44963
etag: "967a18ebd746598a67d5bd2d8a505acad7cb4152"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg | 34.120.237.76 | 200 OK | 7.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdc62c3ca8bc387a91c7d4711b5bc2409 7a984b459227e11984faa2539569a90875a58d29 e14a0e22b58fc1f3f392b842573e3abff7b24eb66db6b351046a186acc3b2954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7660
x-amzn-requestid: 9338abf2-1191-47da-95ff-0a201604fbc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKCEDhoAMFZ4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-433f4ba9780dbc7a485ccbe9;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZCKSB-MwWwP2KTj7XMSHOZZcse5xmPE0JtkkBSLGnWqJdNyr-5oQzQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:51:37 GMT
age: 44781
etag: "7a984b459227e11984faa2539569a90875a58d29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| iieg.egy-best.net/login.php | 188.114.96.1 | 301 Moved Permanently | 0 B |
URL HTTP/2iieg.egy-best.net/login.php IP188.114.96.1:0
GET /login.php HTTP/1.1
Host: iieg.egy-best.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sat, 31 Dec 2022 10:17:56 GMT
content-type: text/html
location: https://masr.egy-best.net/login.php
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Efv1YRxToNcaoiZ0NMKQokxKs9TtevqJ2%2Fg%2FUfgq1GMapbG%2BwIKZ5Kd7ap100KTkll9eUyJ%2Bx7E5rbqLgUhu9yLja6bZJNIrNDaTqjsw8fks1Ylq60rDO7GK33e%2ByhLeY%2FEWLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 782244ae9d30b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2netdna.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js IP104.18.10.207:0
GET /bootstrap/3.2.0/js/bootstrap.min.js HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 10:17:56 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 718, 718
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 2021-04-23 06:51:03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: fc677afec6931d1ef989be7fcd53b7bc
cdn-cache: HIT
cf-cache-status: HIT
age: 20592187
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 782244b17815b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.8.2/css/all.css | 172.64.133.15 | 200 OK | 0 B |
URL HTTP/2use.fontawesome.com/releases/v5.8.2/css/all.css IP172.64.133.15:0
GET /releases/v5.8.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://masr.egy-best.net
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 10:17:56 GMT
content-type: text/css
x-amz-id-2: KLWs0oRTCdhYU/kkLPLb+YVEcW2Q+JDI52kPTuvUS9v/0H+i/v6PEqQXX2fe71rDkLEDTOYLFCk=
x-amz-request-id: TP7QX1JZN06D7RN3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:47:00 GMT
etag: W/"77cbad34e5ce95e70847b074e05faeab"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1019447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIbaupBTLt2nnFD8%2F5Gdd18ot4NMihFpbkoNoytO9K1M7NAG%2FaNKw0ZWpcoPzku8ZUxtqVZTGJ58%2FwxUo5%2FyhQY6chcpEBHgop0OlaP7XeYfJcboGgz5zJt6mGJGi8FSPYqej%2BL0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 782244b17ed2771d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| eephaush.com/5/4601741 | 139.45.197.236 | 200 OK | 0 B |
IP139.45.197.236:0
GET /5/4601741 HTTP/1.1
Host: eephaush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://masr.egy-best.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 31 Dec 2022 10:17:56 GMT
content-type: application/javascript
x-trace-id: 168f1359b0c6875540265e92eeaf1322
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=01130c2f4b5a4257a3ced065322b3584; expires=Sun, 31 Dec 2023 10:17:56 GMT; path=/; secure; SameSite=None
oaidts=1672481876; expires=Sun, 31 Dec 2023 10:17:56 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|