r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 234b80a5a27f3d377e322e680413479d
3da8ba535ec19898f5b83ece48cd4038ac2bf557
370104df5dd8f739601a4be42ae41bb92f365dcf585823a3c14733f7c394e926
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "370104DF5DD8F739601A4BE42AE41BB92F365DCF585823A3C14733F7C394E926"
Last-Modified: Sun, 12 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9850
Expires: Mon, 13 Mar 2023 18:09:24 GMT
Date: Mon, 13 Mar 2023 15:25:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 405abd45d42535567c1ecb518f4bdb04
0505c27fe2921bfa89657173fb77ca7280f04772
bdef4e5edfe0bf3fefb4dc5625e41f3faeb23a0afd24c4e6255f40f757568c35
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDEF4E5EDFE0BF3FEFB4DC5625E41F3FAEB23A0AFD24C4E6255F40F757568C35"
Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2271
Expires: Mon, 13 Mar 2023 16:03:05 GMT
Date: Mon, 13 Mar 2023 15:25:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ae4d7bec26e013433e638f87260aa632
62384e39bc90d0b2ab92895220f0383e678669f4
b704031d560770485c9552dcf56b911b7b5ad45d8a3f73acd17dbbbeeff294f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B704031D560770485C9552DCF56B911B7B5AD45D8A3F73ACD17DBBBEEFF294F4"
Last-Modified: Sun, 12 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9405
Expires: Mon, 13 Mar 2023 18:01:59 GMT
Date: Mon, 13 Mar 2023 15:25:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 13 Mar 2023 15:09:19 GMT
content-type: application/json
age: 955
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TzxpPUkhwduIpEYLMWFmL+pH3Q5CjiyDdjT7OO935WiP5H8QXN7d7m0cNGnVGbCrBLNzudTF4Vg=
x-amz-request-id: ZWFW4HRKC67PP66N
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 13 Mar 2023 15:20:10 GMT
age: 304
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 13 Mar 2023 15:25:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/?cont=QHdhcnJpb3Jib3kwOQ==&token=e3396dfe97dc0fc29aa2e4107798ef66
200 OK 42 kB URL HTTP/1.1 starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/?cont=QHdhcnJpb3Jib3kwOQ==&token=e3396dfe97dc0fc29aa2e4107798ef66
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2014), with CRLF line terminators
Hash 114c0c1cedd8532b75ce19c3188b0855
cd130cfed11138a972385e4266e573709ad275a3
19bbe886deb0a7add096a0eeca521dbff045a23008ab1fb647d260bb619db077
GET /nusenda/a1e90f87848a48c7e1c5a357449385cf/?cont=QHdhcnJpb3Jib3kwOQ==&token=e3396dfe97dc0fc29aa2e4107798ef66 HTTP/1.1
Host: starlightegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:14 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=i77ta8te16014i4l8uv3etnvr4; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/tecton/v1.8.5/q2-tecton-theme.css
200 OK 5.3 kB URL HTTP/1.1 starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/tecton/v1.8.5/q2-tecton-theme.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash ef75ad9db026fd7e674239d05e6502e3
40ba60dfab70cfd00b4920e7e89a920539d74014
26883c16c1f3b499ccdded9d093bf7926879cb12ce629898a91fa3d13519b88b
GET /nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/tecton/v1.8.5/q2-tecton-theme.css HTTP/1.1
Host: starlightegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/?cont=QHdhcnJpb3Jib3kwOQ==&token=e3396dfe97dc0fc29aa2e4107798ef66
Cookie: PHPSESSID=i77ta8te16014i4l8uv3etnvr4
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 13 Mar 2023 15:04:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5282
Keep-Alive: timeout=5, max=75
Content-Type: text/css
starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/app.css
200 OK 28 kB URL HTTP/1.1 starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/app.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash 25e389960a3e7b8148ab8c356c2e4ff2
7f5a19391c104e71d90f67421007f6ee19c415f8
92e61db175214917c599260734bb33de25993b753ae9009be3e4e4a749fb451a
GET /nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/app.css HTTP/1.1
Host: starlightegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/?cont=QHdhcnJpb3Jib3kwOQ==&token=e3396dfe97dc0fc29aa2e4107798ef66
Cookie: PHPSESSID=i77ta8te16014i4l8uv3etnvr4
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:14 GMT
Server: Apache
Last-Modified: Mon, 13 Mar 2023 15:04:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da1c71ebaa9b47c2152bfd09c8906233
6a59f9eb7d15bcb6a23448c2c1b0e3d5fc834c6c
678690297e67d412845e35343d3caca656775876764ec0ca10dd7b2e53f59421
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 13 Mar 2023 15:25:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/tecton-590048df214033d1c1591d552a32c9af.css
200 OK 1.9 kB URL HTTP/1.1 starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/tecton-590048df214033d1c1591d552a32c9af.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash f9181475c79de5f45f13c3b886380183
0faecd308c80010d0d46c41b7a0fcb84493d675f
092531276d805415e3f570c610aa9c138597c8cb5a973a9694789a7550130729
GET /nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/tecton-590048df214033d1c1591d552a32c9af.css HTTP/1.1
Host: starlightegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://starlightegypt.com/
Connection: keep-alive
Cookie: PHPSESSID=i77ta8te16014i4l8uv3etnvr4
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 13 Mar 2023 15:04:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1923
Keep-Alive: timeout=5, max=75
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0dcb64c2f1edc4c2d8e81718261281ee
d9429f940ff33d9176fc94eb759ecb3d0f83ada5
4aac98d2ea104410ee557819e78e3b041d1d3dba64b1f7768a685ada4143df94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 13 Mar 2023 15:25:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Dosis:300,400,500&display=swap
200 OK 766 B URL HTTP/2 fonts.googleapis.com/css?family=Dosis:300,400,500&display=swap
IP
Hash d43b480d9c7a38bf9899a1a9f68b695c
4f0bee3f8b2ba73787e8846b8b6d4c7db24b0081
c602442a5667749253a105781b6429c6227f78ccaa1ee13d5b36ae23ef1a3b90
GET /css?family=Dosis:300,400,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://starlightegypt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 13 Mar 2023 15:25:15 GMT
date: Mon, 13 Mar 2023 15:25:15 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash cb05b1e094bb98b832c5eaa7815e84b7
8b86ac079ecfbda98e4c3f2501051000a29bfdc9
0b6fc7306415869814b3bd953f0fb43ad08033202d069b1c1ae65e8d860ba1b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 11 Mar 2023 17:40:02 GMT
Expires: Sat, 18 Mar 2023 17:40:01 GMT
Etag: "8b86ac079ecfbda98e4c3f2501051000a29bfdc9"
Cache-Control: max-age=439485,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a7549da7906069b-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash cb05b1e094bb98b832c5eaa7815e84b7
8b86ac079ecfbda98e4c3f2501051000a29bfdc9
0b6fc7306415869814b3bd953f0fb43ad08033202d069b1c1ae65e8d860ba1b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 11 Mar 2023 17:40:02 GMT
Expires: Sat, 18 Mar 2023 17:40:01 GMT
Etag: "8b86ac079ecfbda98e4c3f2501051000a29bfdc9"
Cache-Control: max-age=439485,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a7549da8c27b50c-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash db27ecc2f481e8871b2e99584e751660
e671ecb839d53e296f4ec303208ddb713c72aecc
5c910268b5c4f0244540c5570056673f8cbe4a0979f301363cb56dc359c147df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C910268B5C4F0244540C5570056673F8CBE4A0979F301363CB56DC359C147DF"
Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4379
Expires: Mon, 13 Mar 2023 16:38:14 GMT
Date: Mon, 13 Mar 2023 15:25:15 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fJ+fD1T4FPZq2Rf6M27JUw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WYDrt/PlmYO18BMrYDmGCBvQLog=
devilsms.live/clver-min.js
200 OK 66 kB URL HTTP/2 devilsms.live/clver-min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 20d5ae69455c70ce5bcf83bb4d158e13
ecf50f1168530a0661f1bb68ff809929c7f09236
7812cc28312944bca78b665a21dde0e70f9421bb848668c3066867d5c519d04f
GET /clver-min.js HTTP/1.1
Host: devilsms.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://starlightegypt.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 20 Mar 2023 15:25:15 GMT
content-type: application/javascript
last-modified: Sat, 26 Nov 2022 08:05:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 65986
date: Mon, 13 Mar 2023 15:25:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
devilsms.live/cleave.js
200 OK 18 kB IP
File type Unicode text, UTF-8 text, with very long lines (1712)
Hash fe9f66e28ad0fde897ddcb9571324491
e5ab8ed2bad2578458397898778be698dff70917
ece3c9456921c261029e7ae1b7eddd2265e8afdf1aeb78f9eafad2ea55d5e92f
GET /cleave.js HTTP/1.1
Host: devilsms.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://starlightegypt.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 20 Mar 2023 15:25:15 GMT
content-type: application/javascript
last-modified: Sun, 30 Jan 2022 13:07:42 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18428
date: Mon, 13 Mar 2023 15:25:15 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/theme-q2-d4bd5c0f67463dc74ceffd3139ffd704.css
200 OK 238 kB URL HTTP/1.1 starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/theme-q2-d4bd5c0f67463dc74ceffd3139ffd704.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
Size 238 kB (238338 bytes)
Hash 0fada9ae269b407021787917696d97db
d599d2622d723e0f5e5eecee74274b1cb71d12c2
a3eb3560b4dc56a935c15c6cd9fc361f5c97a92ec83ff6900f6090f73b6298a0
GET /nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/theme-q2-d4bd5c0f67463dc74ceffd3139ffd704.css HTTP/1.1
Host: starlightegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/?cont=QHdhcnJpb3Jib3kwOQ==&token=e3396dfe97dc0fc29aa2e4107798ef66
Cookie: PHPSESSID=i77ta8te16014i4l8uv3etnvr4
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 13 Mar 2023 15:04:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/highcontrast-e95bf772b0d5d35d8c1afdd877eace57.css
200 OK 238 kB URL HTTP/1.1 starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/highcontrast-e95bf772b0d5d35d8c1afdd877eace57.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
Size 238 kB (238111 bytes)
Hash c357d22cbfd9e2e5790c2a3eb35b341a
3d3a472dc3c67cd1d020756b7a77949b5e5c7de4
851eb2370f9c20bce90a216a0d1e27f30e4e02b3f6160723ab5d5d7184092b8f
GET /nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/highcontrast-e95bf772b0d5d35d8c1afdd877eace57.css HTTP/1.1
Host: starlightegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/?cont=QHdhcnJpb3Jib3kwOQ==&token=e3396dfe97dc0fc29aa2e4107798ef66
Cookie: PHPSESSID=i77ta8te16014i4l8uv3etnvr4
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 13 Mar 2023 15:04:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/images/ncua-10a8bacb622921a5a7836a5dadcc76a6.png
200 OK 20 kB URL HTTP/1.1 starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/images/ncua-10a8bacb622921a5a7836a5dadcc76a6.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 400 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 10a8bacb622921a5a7836a5dadcc76a6
82dc46e3efc988232a7d657013e3a8791813f4f4
75ded5a988d1c3af9c23a6c3ca361284d649ceac20dcb12a68eb082da51b6a0b
GET /nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/images/ncua-10a8bacb622921a5a7836a5dadcc76a6.png HTTP/1.1
Host: starlightegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://starlightegypt.com/
Connection: keep-alive
Cookie: PHPSESSID=i77ta8te16014i4l8uv3etnvr4
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:16 GMT
Server: Apache
Last-Modified: Mon, 13 Mar 2023 15:04:34 GMT
Accept-Ranges: bytes
Content-Length: 20248
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/fonts/OpenSans/OpenSans-Regular.woff
200 OK 25 kB URL HTTP/1.1 starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/fonts/OpenSans/OpenSans-Regular.woff
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 24872, version 1.0\012- data
Hash 38d2282372e8ddb41bd199b5f9415648
657441cea2cfd59821e0b741be20ad7fdce0cbba
95915582ecc56aa27829e7bd118b423f09cba0856ce517fdcd82e4e05726e6e6
Analyzer Verdict Alert fortinet Phishing
GET /nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/fonts/OpenSans/OpenSans-Regular.woff HTTP/1.1
Host: starlightegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/tecton-590048df214033d1c1591d552a32c9af.css
Cookie: PHPSESSID=i77ta8te16014i4l8uv3etnvr4
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:16 GMT
Server: Apache
Last-Modified: Mon, 13 Mar 2023 15:04:34 GMT
Accept-Ranges: bytes
Content-Length: 24872
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: font/woff
starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/fonts/OpenSans/OpenSans-Semibold.woff
200 OK 25 kB URL HTTP/1.1 starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/fonts/OpenSans/OpenSans-Semibold.woff
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 24952, version 1.0\012- data
Hash 8820d0e206a5b8fc0167d92acbbf4ee1
e6c1970c32b2fceecb901d3e338e2d32e8ac1b8c
5e335db7f8ef9f87be9dcc9c56f071d27a7b5bbd9111cfcdabd6babe5eb4e968
Analyzer Verdict Alert fortinet Phishing
GET /nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/fonts/OpenSans/OpenSans-Semibold.woff HTTP/1.1
Host: starlightegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/base/4.4.0.113/assets/tecton-590048df214033d1c1591d552a32c9af.css
Cookie: PHPSESSID=i77ta8te16014i4l8uv3etnvr4
HTTP/1.1 200 OK
Date: Mon, 13 Mar 2023 15:25:16 GMT
Server: Apache
Last-Modified: Mon, 13 Mar 2023 15:04:34 GMT
Accept-Ranges: bytes
Content-Length: 24952
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: font/woff
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9466
Expires: Mon, 13 Mar 2023 18:03:02 GMT
Date: Mon, 13 Mar 2023 15:25:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9466
Expires: Mon, 13 Mar 2023 18:03:02 GMT
Date: Mon, 13 Mar 2023 15:25:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9466
Expires: Mon, 13 Mar 2023 18:03:02 GMT
Date: Mon, 13 Mar 2023 15:25:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f1cb274086a7fc07be41dfeb65ec1dbf
c6339993814eda4b9629ef179222b060d1f5143b
b3fbd505775ab4d16c1a8b22e367b9d3b2698bd920d0c4578659b6c63e3d3f6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B3FBD505775AB4D16C1A8B22E367B9D3B2698BD920D0C4578659B6C63E3D3F6F"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9466
Expires: Mon, 13 Mar 2023 18:03:02 GMT
Date: Mon, 13 Mar 2023 15:25:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde56a182-6d55-402d-b240-1fe8746a0a76.jpeg
200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde56a182-6d55-402d-b240-1fe8746a0a76.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 780098f209d535b5c802e280f41c2ed7
6d895fec65f4d11af82d1a417fdec5d2df2a9cd1
5b66b48774c284e271f0e4938e304b98e8e3642c9e479768b64fe4186055e886
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde56a182-6d55-402d-b240-1fe8746a0a76.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4743
x-amzn-requestid: 307f30a9-ba32-4ff5-a987-990d05f07b64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BpjcvEHvIAMFR-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640d4c51-3f20ae277aa76e175a7a3c44;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 03:51:45 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: GK32TQleZvqJHU-cz2Je8NZ9Bs3VPw0qaWuLVsWRK_o5WQxzwQvjKA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:17:15 GMT
age: 61682
etag: "6d895fec65f4d11af82d1a417fdec5d2df2a9cd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d465bda-e8f7-498a-8b8e-9fd8f5a4e863.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d465bda-e8f7-498a-8b8e-9fd8f5a4e863.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc6b9225b635519ff0e90400781c6676
e576ab2c5b08780162d104a060c873f52b221538
6dfe0bff6f08723604b2e4805b53dbc1907a8e6f7f56b06c110fbb8f344034d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d465bda-e8f7-498a-8b8e-9fd8f5a4e863.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10872
x-amzn-requestid: a67f345f-0aa8-4802-878c-0a0c6a3fd839
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BpyS7EvVIAMFgBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640d6412-1a18587d039d312d10829c20;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 05:33:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: TM6z8u4avm7DTwM3lCC5eEyAWlprm41CmTH-_u3LIYaMXsvSL67e8A==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:17:12 GMT
age: 61685
etag: "e576ab2c5b08780162d104a060c873f52b221538"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BkEcBGizoAMFgOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: U2JtuJiGI7wXfW-kOhXKGMyrnuAYscw1mSptG-Yss3513ZFhYms3jA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:42:27 GMT
age: 63770
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02306d2b-eeaa-457b-818c-f89161dee633.jpeg
200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02306d2b-eeaa-457b-818c-f89161dee633.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c020f73e193d39695b2a327b7f823044
293ecfa11699509057daa07b3c103ae57dfc600b
47d1130ec2fc517545f18557e61b4a78a45b9303dfcb9f4db8683da8160205d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02306d2b-eeaa-457b-818c-f89161dee633.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4592
x-amzn-requestid: 3925b113-7d29-4400-bbab-b64767943c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Br_jDEi9IAMF4SA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e4613-2bbddae45dbbbe8f6a62f300;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 21:37:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eJTCxZ12MBFwd6QLvbeYMyx8YTLzc9fLaGmWYo_JNqYQasH-BU-b1g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:16:18 GMT
age: 61739
etag: "293ecfa11699509057daa07b3c103ae57dfc600b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26033b42139d27c847cf9881a17e0332
b196fbef36c2a5242abfc5d7115f1efd39499453
028dd1c86eaab6b991ad3dcb7fda21cdcfe8f9b22155c6bcb9363fbe379096ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4512
x-amzn-requestid: e9ba0dc3-3e1a-4ff5-8d0d-57386ced2fb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotIeGZ-IAMFmBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf569-1a45fa73148fb01f3822ee29;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:40:57 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Wqeeb_wUrrQ62pbbReffhKWx1NeYL67CGmOFZgV-c5BD-JrbB1ud1g==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 21:40:57 GMT
age: 63860
etag: "b196fbef36c2a5242abfc5d7115f1efd39499453"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbfef97312a1bc4792615717a63a48ba
1008882db3829f830b0f58c9c5b09792e844a31b
2b096364b450b4845252b7a22a9f9aadadf220e7a6a4134558647d308529d2a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bf0ac20-16ad-460d-8fcb-a873994d420a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5853
x-amzn-requestid: c8b1593f-4bd9-452d-a904-87b58194d599
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Br_WlHEwoAMFyqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640e45c3-461a986e5a5544cf574899e4;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 21:36:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C6xTwOtJHWOoB4SIZ7qDzhmjdyRpZtrJEQ4iSWw5SHWVIKSxfirSCw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 12 Mar 2023 22:13:56 GMT
age: 61881
etag: "1008882db3829f830b0f58c9c5b09792e844a31b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/images/favicon-285f45ebc3fe4b344d496ff87a937e2a.ico
404 Not Found 4.7 kB URL HTTP/1.1 starlightegypt.com/nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/images/favicon-285f45ebc3fe4b344d496ff87a937e2a.ico
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48
Analyzer Verdict Alert fortinet Phishing
GET /nusenda/a1e90f87848a48c7e1c5a357449385cf/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/images/favicon-285f45ebc3fe4b344d496ff87a937e2a.ico HTTP/1.1
Host: starlightegypt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://starlightegypt.com/
Connection: keep-alive
Cookie: PHPSESSID=i77ta8te16014i4l8uv3etnvr4
HTTP/1.1 404 Not Found
Date: Mon, 13 Mar 2023 15:25:17 GMT
Server: Apache
Last-Modified: Sun, 02 Oct 2022 11:50:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4677
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html
cdn1.onlineaccess1.com/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/images/logos/logo_large-8a3a7bfb59df85fdc6225939203c1b41.png
200 OK 0 B URL HTTP/2 cdn1.onlineaccess1.com/cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/images/logos/logo_large-8a3a7bfb59df85fdc6225939203c1b41.png
IP
GET /cdn/depot/5093/3120/d802bcf76b94ac2007c23bd171977751/assets/images/logos/logo_large-8a3a7bfb59df85fdc6225939203c1b41.png HTTP/1.1
Host: cdn1.onlineaccess1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://starlightegypt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 13 Mar 2023 15:25:16 GMT
content-type: image/png
last-modified: Wed, 24 Aug 2022 16:05:01 GMT
vary: Accept-Encoding
etag: W/"63064c2d-c41"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
timing-allow-origin: *
access-control-allow-headers: *
cf-cache-status: HIT
age: 5314
strict-transport-security: max-age=15552000; includeSubDomains; preload
set-cookie: __cfruid=1a63dfe09a033b965e0aa7184e36b09e84d7b8cb-1678721116; path=/; domain=.onlineaccess1.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7a7549e32be21c06-OSL
X-Firefox-Spdy: h2
192.185.31.154
23.36.76.226