r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14952
Expires: Sun, 29 Jan 2023 04:16:23 GMT
Date: Sun, 29 Jan 2023 00:07:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12809
Expires: Sun, 29 Jan 2023 03:40:40 GMT
Date: Sun, 29 Jan 2023 00:07:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10012
Expires: Sun, 29 Jan 2023 02:54:03 GMT
Date: Sun, 29 Jan 2023 00:07:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 23:35:32 GMT
content-type: application/json
age: 1899
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vt5lFUG0IepphtBK7QbJE/stZSAeIxX9JMko0XDuzxRMKUrcqfNHE3Kl9wZ66DlCoFfXlOTwALQ=
x-amz-request-id: P46P7FWQY44RFW09
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 23:21:09 GMT
age: 2762
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
masrawytours.com/
162.241.194.46200 OK 380 B IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9d414246950ea5856111c4ca8d599b16
4dfee3122a19a288c215b5180b562e23101a9f8d
cc35f1f642f5fe63d6ddf72a23171428bf063614fb00182bcc85c2be0a51767b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:07:11 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 380
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:07:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 23:41:40 GMT
age: 1532
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13722
Expires: Sun, 29 Jan 2023 03:55:54 GMT
Date: Sun, 29 Jan 2023 00:07:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d7b73da7be2df26bf2bb26a5b01bbd80
96fce3682480d354ac1f662b7e8a0fdd1785edae
22ae41bbb9a51b53350bd0e349b2e0bd7986436d4d5303f72c9e90079cc52f3b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22AE41BBB9A51B53350BD0E349B2E0BD7986436D4D5303F72C9E90079CC52F3B"
Last-Modified: Thu, 26 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 29 Jan 2023 06:07:12 GMT
Date: Sun, 29 Jan 2023 00:07:12 GMT
Connection: keep-alive
push.services.mozilla.com/
35.164.184.133101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.184.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yW1js/Ku5UlGkaFSYXp5OQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qqAAiD5bf9cZw2d/0ZXlN+ETjz8=
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 839f992874f43406a9e4b3bf78dbf543
5931d414a576be8930236b579aa05e365ad30368
525570fb1fde6295f9149f4ede72a19eddd08c818c5e0b0ca88ddcfb6d3fd42e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5862
Cache-Control: max-age=101977
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Etag: "63d48d24-118"
Expires: Mon, 30 Jan 2023 04:26:50 GMT
Last-Modified: Sat, 28 Jan 2023 02:49:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.masrawytours.com/cssmine/fontawsma.css
162.241.194.46200 OK 7.8 kB URL HTTP/2 www.masrawytours.com/cssmine/fontawsma.css
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (35179)
Hash 9444b9a68486c0f9bf3cea2fe52cf322
69701f4e49be50107d211aaa388805095267de14
db8a208d065bb350c78a27457120f4b55d8945df9e506d2b6bea1196914481c5
GET /cssmine/fontawsma.css HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:01:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7812
content-type: text/css
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 839f992874f43406a9e4b3bf78dbf543
5931d414a576be8930236b579aa05e365ad30368
525570fb1fde6295f9149f4ede72a19eddd08c818c5e0b0ca88ddcfb6d3fd42e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5862
Cache-Control: max-age=101977
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Etag: "63d48d24-118"
Expires: Mon, 30 Jan 2023 04:26:50 GMT
Last-Modified: Sat, 28 Jan 2023 02:49:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
www.masrawytours.com/dist/css/swiper.min.css
162.241.194.46200 OK 4.1 kB URL HTTP/2 www.masrawytours.com/dist/css/swiper.min.css
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10760)
Hash 07421af57abaf6f532199f63c34012b4
e2bfdc032c78162b5e3e241544bfa006f6477653
2ebf09b63b0cf6df3b9ddecbe7866843666d08d8ead245c89b7055c5c0b50c17
GET /dist/css/swiper.min.css HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:01:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4091
content-type: text/css
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/scripts/build-config.js
162.241.194.46200 OK 257 B URL HTTP/2 www.masrawytours.com/scripts/build-config.js
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 9575148f7790e4b9b46b2cab97387dbb
c759483d2c69749b6266db6c538cde18a786e8a1
e0cb957ad66b4cec05c80a3b221b46762c04137a00aeb4f46a84dcec2ecfc22c
Analyzer Verdict Alert fortinet Malware
GET /scripts/build-config.js HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:25:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 257
content-type: application/javascript
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/cssmine/fontawsm.css
162.241.194.46200 OK 7.1 kB URL HTTP/2 www.masrawytours.com/cssmine/fontawsm.css
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30837)
Hash 09b8b6cbc1b0486aa66786792e8c6984
73a077a16ce58b6b5c7169a61989f7421a913936
a8e462cb54773ddf7cd4fdc03715c0cd12a537c633c026635d5810b621246db6
GET /cssmine/fontawsm.css HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:01:20 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7112
content-type: text/css
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-BM8YLMNEJW
172.217.21.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-BM8YLMNEJW
IP 172.217.21.168:0
File type ASCII text, with very long lines (19467)
Hash 6178d159bd282d77e91ae1c1570444d7
6fc0796987a28effa1e237d6802198d07f28644f
5539acd3d693e067e66d7bb57eeabb4caca75a7e53c4acc490e95d591139b828
GET /gtag/js?id=G-BM8YLMNEJW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 00:07:13 GMT
expires: Sun, 29 Jan 2023 00:07:13 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77198
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.masrawytours.com/sour/en.png
162.241.194.46200 OK 600 B URL HTTP/2 www.masrawytours.com/sour/en.png
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 2878f64a0217a154e531853f6a822c65
ac7a53e9f53b9de8a344c38222e217d50d559b83
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
GET /sour/en.png HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:26:13 GMT
accept-ranges: bytes
content-length: 600
content-type: image/png
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/sour/logo2.png
162.241.194.46200 OK 84 kB URL HTTP/2 www.masrawytours.com/sour/logo2.png
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 257, 8-bit/color RGBA, non-interlaced\012- data
Hash ad9c909d157ec44ec88f073e9a35ec1c
0c559700fb669f282a4e5e64e666597f3a7df634
0e942d95325b03682cd0c78842cbbe3dfb87ed7842197942f81466509a6f3179
GET /sour/logo2.png HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:26:19 GMT
accept-ranges: bytes
content-length: 84532
content-type: image/png
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
188.114.99.234200 OK 7.4 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 188.114.99.234:0
File type ASCII text, with very long lines (30837)
Hash c6207210708dcec516adcaf242f059a8
24753b2408a2d5d18a148064a383799ec3e44688
06dc3bb4ead6f3930a8c29d12b8bfb8b3b34a603e3f0125268b28683fab9efe9
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 00:07:13 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/12/2022 14:32:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: d59b1bc690982b057c0e17bb58696d82
cdn-cache: HIT
cf-cache-status: HIT
age: 1402149
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 790db9f2e8bfb500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.masrawytours.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 10:25:03 GMT
expires: Mon, 22 Jan 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 567730
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.masrawytours.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 147544
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.masrawytours.com/engine1/jquery.js
162.241.194.46200 OK 58 kB URL HTTP/2 www.masrawytours.com/engine1/jquery.js
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e945e00ad45e6c55f195d1ab9dab41c1
0d08afb600f203676fae66dd199874618e10bb1e
00d9ca5f64b1805c04e401ede1fd9c861790208165aa7ddf9ca2992fe5c96482
Analyzer Verdict Alert fortinet Malware
GET /engine1/jquery.js HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:01:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/prog/171690731.jpg
162.241.194.46200 OK 62 kB URL HTTP/2 www.masrawytours.com/prog/171690731.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 625x490, components 3\012- data
Hash 32320dc2ad3a6191138fa4407333ec44
5f141defff21b7095199ec15d1ce5543c5233e04
9346541dd95a278308b6f329a9291b6a95b018f5ed02b6c1b251e7095f49ace4
GET /prog/171690731.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:22:55 GMT
accept-ranges: bytes
content-length: 62203
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/arabic/index.php
162.241.194.46200 OK 108 kB URL HTTP/2 www.masrawytours.com/arabic/index.php
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 108 kB (107673 bytes)
Hash 81ed26fee2dd7d4d3d32f612ca98bbce
014f5f1b1ebad3bc1378d33a8d6e330b4f1ede92
b582566b78c93592e80ab7de2e2039689135063fe72bcea789704f8dea01a40c
Analyzer Verdict Alert fortinet Malware
GET /arabic/index.php HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 00:07:12 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/banner/1403937326.jpg
162.241.194.46200 OK 194 kB URL HTTP/2 www.masrawytours.com/banner/1403937326.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x630, components 3\012- data
Size 194 kB (194169 bytes)
Hash fafab284a6278a2c87c05100c323fdf1
2d1558499de51d8f3ab4cabb3ce61304b7f81d10
ee192e3ef92914c1985441899324feec1f8bf2e13a8df668926b77b384b85385
GET /banner/1403937326.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:00:56 GMT
accept-ranges: bytes
content-length: 194169
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/prog/180668376.jpg
162.241.194.46200 OK 146 kB URL HTTP/2 www.masrawytours.com/prog/180668376.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 960x960, components 3\012- data
Size 146 kB (145980 bytes)
Hash a10c3de99fe1d02cd46def1bf530a3c0
d14dd2f04701f098e73e1a136655527021a76a99
8215b59f5ef929fdb784f6288498f28f795a4234ca47a2856e5ccd60e7a8f214
GET /prog/180668376.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:22:59 GMT
accept-ranges: bytes
content-length: 145980
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/4248d311/www-player.css
216.58.207.238200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-player.css
IP 216.58.207.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8a6331ed48be29c59230b0c7360068de
22a20436f427d6b8e26eb30ed9aab51a43d389bf
72f0818ab04697fc29d331b2add584f3cd5e269446c7297300701a4666c9d95e
GET /s/player/4248d311/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mfxQy5A_tHs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49911
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 18:53:52 GMT
expires: Sat, 27 Jan 2024 18:53:52 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/css
age: 105201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
216.58.207.238200 OK 109 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (679)
Size 109 kB (109432 bytes)
Hash 711fcfe6f1ab52d89ab3474d437c1e48
b2f3e69e9d40b193de5e76ae13c6ad9ce0a8e537
361236d1317543e128074c35d22d65a2ba70f6ce9906b07a543e6b3c96239019
GET /s/player/4248d311/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mfxQy5A_tHs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 06:26:37 GMT
expires: Sat, 27 Jan 2024 06:26:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 150036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
216.58.207.238200 OK 611 kB URL HTTP/2 www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
IP 216.58.207.238:0
File type ASCII text, with very long lines (517)
Size 611 kB (611243 bytes)
Hash 4bafbf546e35e79d802b8e836cf03e3b
cff2ccd4542a73b82c18cdac6b3e4af01198566e
da6660452c1ebd120eb25d4c1a742e2fe20cf5ccfbd3523acb5e1d5693170d70
GET /s/player/4248d311/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/mfxQy5A_tHs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 611243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 09:54:19 GMT
expires: Sat, 27 Jan 2024 09:54:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 137574
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.masrawytours.com/prog/323232616.jpg
162.241.194.46404 Not Found 462 B URL HTTP/2 www.masrawytours.com/prog/323232616.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3b58a4197a90ce28f053f853e9f5201a
1764aa95ccf139706beb229625b9d6d6f154bd5d
e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648
GET /prog/323232616.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Thu, 29 Sep 2022 21:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 462
content-type: text/html
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/banner/968904602.jpg
162.241.194.46200 OK 947 kB URL HTTP/2 www.masrawytours.com/banner/968904602.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1100, components 3\012- data
Size 947 kB (947046 bytes)
Hash 9b38127987a1c1cae3baf70f430e3269
64bb5bf9af468941ade0f6b8374244bd06532359
a8542b18e6e2af361937b219f1f1a63c107d6b8e32cc7678cc4dec8c5f4f8afa
GET /banner/968904602.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:01:19 GMT
accept-ranges: bytes
content-length: 947046
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/subdep/598332264.jpg
162.241.194.46404 Not Found 462 B URL HTTP/2 www.masrawytours.com/subdep/598332264.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3b58a4197a90ce28f053f853e9f5201a
1764aa95ccf139706beb229625b9d6d6f154bd5d
e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648
GET /subdep/598332264.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Thu, 29 Sep 2022 21:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 462
content-type: text/html
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/agents/374611370.jpg
162.241.194.46200 OK 21 kB URL HTTP/2 www.masrawytours.com/agents/374611370.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x718, components 3\012- data
Hash 0b06b8af97615917abdd569533e42f18
e1f70ad119ba733e8df91b08d723b37b241e85cd
7e81bf3a100f77092a92e56515d2fb20602706c635a843de8e9f2bc9f06c9aed
GET /agents/374611370.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:39:46 GMT
accept-ranges: bytes
content-length: 20587
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/agents/545406944.jpg
162.241.194.46200 OK 39 kB URL HTTP/2 www.masrawytours.com/agents/545406944.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 719x728, components 3\012- data
Hash cb043e204661011dedb0886b399f087e
1c37c43386572b9311be093ae7edc6c6ab5b981d
446cfddefe080fef369a3ac3ef751549a1ace13a212a7f1e1442e02c2dbf6c15
GET /agents/545406944.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:39:46 GMT
accept-ranges: bytes
content-length: 38904
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/subdep/1888070184.jpg
162.241.194.46200 OK 50 kB URL HTTP/2 www.masrawytours.com/subdep/1888070184.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x466, components 3\012- data
Hash f7e0f9a615998d1e55314d3c75881b99
8df4dba903319a52bc142848e9846947ec79ff4b
34a61fab93c709b6c5f0abed7f036ab6eca2fd69149964706749e8abe591860e
GET /subdep/1888070184.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:29:01 GMT
accept-ranges: bytes
content-length: 49971
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/subdep/215242762.jpg
162.241.194.46200 OK 76 kB URL HTTP/2 www.masrawytours.com/subdep/215242762.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 782x482, components 3\012- data
Hash 7652f97115450ec4136f560462b35b07
2a78965e15fd6d26673d72cced8ec6695da4ab45
d00ac8559525170ac9cb9b72a060041aeab0f55e9159daceb2f8bf49ac39b3b0
GET /subdep/215242762.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:29:04 GMT
accept-ranges: bytes
content-length: 76146
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/subdep/1198728072.jpg
162.241.194.46200 OK 99 kB URL HTTP/2 www.masrawytours.com/subdep/1198728072.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x667, components 3\012- data
Hash bd90ecffd5c89b3fd1bc5606284a20a6
bac4038357dd7b5720d15c9686fd95a8130359ae
ae9f00643e20d1e7110b3026a888549ccee993fc84c6ddd93e00c69dc58dcc4b
GET /subdep/1198728072.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:28:47 GMT
accept-ranges: bytes
content-length: 99427
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/subdep/882525349.jpg
162.241.194.46200 OK 123 kB URL HTTP/2 www.masrawytours.com/subdep/882525349.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x511, components 3\012- data
Size 123 kB (123281 bytes)
Hash bb5b16c47c27b84409d37a1845843dee
9d90c8e7ad99486551fdf610157c3b840bc45ff0
c61c09563ef1551b735a41f958315f2359347809bc25750f6112232b2471dca3
GET /subdep/882525349.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:29:33 GMT
accept-ranges: bytes
content-length: 123281
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/agents/273751455.jpg
162.241.194.46200 OK 35 kB URL HTTP/2 www.masrawytours.com/agents/273751455.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Hash 150bea88b42c621f268a429548640e29
24eb036c5afde5d97c1109b76eec7298bc8b89c4
905f93f7d7a7c8db0058626842b99701d570ea742535d992931c0e8ee1d9d459
GET /agents/273751455.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:39:45 GMT
accept-ranges: bytes
content-length: 35015
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/sour/visaall.png
162.241.194.46200 OK 12 kB URL HTTP/2 www.masrawytours.com/sour/visaall.png
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 340 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e609885cf4e9077301758e14546577f
d1d5d60310ac241232acc6d56d036ac2f6601070
076e7f78327ae3de75f89f0c9c453caca1ee19f360ac573d1955896d13a7d794
GET /sour/visaall.png HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:26:24 GMT
accept-ranges: bytes
content-length: 11458
content-type: image/png
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/sour/wcu.jpg
162.241.194.46200 OK 109 kB URL HTTP/2 www.masrawytours.com/sour/wcu.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1900x558, components 3\012- data
Size 109 kB (108759 bytes)
Hash cf32a2e2a80e5b765a0f9e91f4de435d
2adc597f938df918e25ca25de00047586032a6db
5b0ea8be72d403a00594df8736ea5280eca2e6613937faf2631824c88211d92a
GET /sour/wcu.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:26:25 GMT
accept-ranges: bytes
content-length: 108759
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/sour/ar.png
162.241.194.46200 OK 2.1 kB URL HTTP/2 www.masrawytours.com/sour/ar.png
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 30 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash b73d4b0ff8b201652e78deca6550b391
6fa4c7df2e2f0edd619e1188c1f3d66e32b4a418
26e2bde9f15ea75c699cff7e8d340a3e45f455573d656699e2980ff415a8c836
GET /sour/ar.png HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:25:55 GMT
accept-ranges: bytes
content-length: 2097
content-type: image/png
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/jsmenu/ace-responsive-menu.js
162.241.194.46200 OK 755 B URL HTTP/2 www.masrawytours.com/jsmenu/ace-responsive-menu.js
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (572)
Hash c977c1c1e4f46809f24d387358b8d3ea
8fef50d76ded39116dcb4b890691f9379b755eb1
281f9cfd86d408ab591fae79c2e9bb5cbd3053650c03722bb218cdba395a1014
Analyzer Verdict Alert fortinet Malware
GET /jsmenu/ace-responsive-menu.js HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:03:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 755
content-type: application/javascript
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/fonts/fontawesome-webfont.woff2?v=4.7.0
162.241.194.46404 Not Found 746 B URL HTTP/2 www.masrawytours.com/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dbf8ec3db1d4b93b848197591827939c
2e12f671d6101f52060133c32f8d359af756f9b2
63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
Analyzer Verdict Alert fortinet Malware
GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.masrawytours.com/cssmine/fontawsm.css
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Thu, 29 Sep 2022 21:54:56 GMT
accept-ranges: bytes
content-length: 746
vary: Accept-Encoding
content-type: text/html
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-BM8YLMNEJW>m=2oe1p0&_p=1375823903&cid=2005977107.1674950838&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674950838&sct=1&seg=0&dl=https%3A%2F%2Fwww.masrawytours.com%2Farabic%2Findex.php&dt=%D9%85%D8%B5%D8%B1%D8%A7%D9%88%D9%8A%20%D9%84%D9%84%D8%B3%D9%8A%D8%A7%D8%AD%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-BM8YLMNEJW>m=2oe1p0&_p=1375823903&cid=2005977107.1674950838&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674950838&sct=1&seg=0&dl=https%3A%2F%2Fwww.masrawytours.com%2Farabic%2Findex.php&dt=%D9%85%D8%B5%D8%B1%D8%A7%D9%88%D9%8A%20%D9%84%D9%84%D8%B3%D9%8A%D8%A7%D8%AD%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-BM8YLMNEJW>m=2oe1p0&_p=1375823903&cid=2005977107.1674950838&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674950838&sct=1&seg=0&dl=https%3A%2F%2Fwww.masrawytours.com%2Farabic%2Findex.php&dt=%D9%85%D8%B5%D8%B1%D8%A7%D9%88%D9%8A%20%D9%84%D9%84%D8%B3%D9%8A%D8%A7%D8%AD%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.masrawytours.com
Connection: keep-alive
Referer: https://www.masrawytours.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.masrawytours.com
date: Sun, 29 Jan 2023 00:07:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.masrawytours.com/agents/177442092.jpg
162.241.194.46200 OK 294 kB URL HTTP/2 www.masrawytours.com/agents/177442092.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1056x664, components 3\012- data
Size 294 kB (293583 bytes)
Hash 7eab952fbd919c3731b43d410a0b5514
c521c3234982828cdd8f86fe3b17258ce70950f5
9b3efb423f3c803212016a8c241c43934552abcdf420e7001a529c427e508c51
GET /agents/177442092.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:39:45 GMT
accept-ranges: bytes
content-length: 293583
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/arabic/autoplay.php
162.241.194.46200 OK 1.3 kB URL HTTP/2 www.masrawytours.com/arabic/autoplay.php
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 66275170fbe07e92dcbf164612b37166
38cae4c908647018679f025189885b9ee7802d36
5f395734e49d0d02277a3f78ca277ae03c0de748971b07a24a810ca5e96d6240
Analyzer Verdict Alert fortinet Malware
GET /arabic/autoplay.php HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 1252
content-type: text/html; charset=UTF-8
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6030
Expires: Sun, 29 Jan 2023 01:47:44 GMT
Date: Sun, 29 Jan 2023 00:07:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6030
Expires: Sun, 29 Jan 2023 01:47:44 GMT
Date: Sun, 29 Jan 2023 00:07:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6030
Expires: Sun, 29 Jan 2023 01:47:44 GMT
Date: Sun, 29 Jan 2023 00:07:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6030
Expires: Sun, 29 Jan 2023 01:47:44 GMT
Date: Sun, 29 Jan 2023 00:07:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e59316e1b1333c42d9d120fa88619bc2
669cdc8dfeba9d64f93f260adbb5f493a5649bb0
c4e78ec96322f1f151b07f9a45d51e6ca3fd46613472cf627f53bf399193a533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48d5b4-7f5e-41cd-a7b2-c3007235b59c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9398
x-amzn-requestid: 5083c66c-ad64-4f73-b915-d29ddabcdb4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6XEc1IAMFsbQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-0779693a5da31eae195989d1;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2MPzkEPg3JESo6g5D7E2LN53G-zYF__aFQmDg9DzSRxg0E19j1Iwkw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 03:19:05 GMT
age: 74889
etag: "669cdc8dfeba9d64f93f260adbb5f493a5649bb0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 8dca6752-c548-4526-ae81-4626843ade3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYbDjGREoAMFxiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d33ee3-1c097c131b91c34b4e7df1be;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i8JJruxoRfordb6WFNf67-GLWrA_Q930x3GCCQoUmDwXrfZtBXvsZg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 03:16:34 GMT
age: 75040
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8ddbb22-9894-4103-ab67-a72323ff97b2.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8ddbb22-9894-4103-ab67-a72323ff97b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24a6f6affe931c41bfac1968026893dc
983e91c705e8f6d9ad3992d6905ebf5916095300
20ef8c4ff7035b897473712b6a2f614b0a551fb91c20314c3a3a19e09087ca0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8ddbb22-9894-4103-ab67-a72323ff97b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4539
x-amzn-requestid: 285ab725-3832-48f2-aa7a-99ecb6a3a533
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyd5FDxoAMFrlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3125-48c7a43e61f1ed6605e80668;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P-rYNxoiLRdYl2saixW6ypVspo2dvsrar8YK1VifUfDq5HUTFqVBzw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 04:06:37 GMT
age: 72037
etag: "983e91c705e8f6d9ad3992d6905ebf5916095300"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61dd48155b70501a72ec13f79745433d
4efc3d15f04a290a590b54122822d55a9d3fa1ca
9345056c111439b34aff08323fc99a2d315fa91293039dc5acf67affb50636d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4202
x-amzn-requestid: d33bee10-9642-4138-8dde-3486ec7f6535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa9ABFFvIAMFbqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d441ff-3b3a99db469e3f8c068d553c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:28:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RIvTaBE3RpB7sP9Bb1Ku1ItsiaCFKNmyHArESR1FuqDIHXt2uOLG6A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 05:22:38 GMT
age: 67476
etag: "4efc3d15f04a290a590b54122822d55a9d3fa1ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 12058
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6d617843cc1f7df21950fe7d4add160
4b7b2e07f0c4667f9c83d99c1481f81ac6e531f9
facb5e8beed1bf0b0ae02cba77278767f211717097803b3966312dfe0822646b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dd6ccbb-893e-4aca-b08e-b16283e4ee58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7790
x-amzn-requestid: 19b7ae0c-7ce9-4d01-96c3-9259e6f2b1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH88xFpKIAMF_gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca851-0d4a98a74200cb962d434f82;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORGO0m0bJJzpWpxLCewm0J1vp8khEZlPzL58syBdlhyQniN8em5Qzg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:53:11 GMT
age: 8043
etag: "4b7b2e07f0c4667f9c83d99c1481f81ac6e531f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.masrawytours.com/fonts/fontawesome-webfont.woff?v=4.7.0
162.241.194.46404 Not Found 746 B URL HTTP/2 www.masrawytours.com/fonts/fontawesome-webfont.woff?v=4.7.0
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dbf8ec3db1d4b93b848197591827939c
2e12f671d6101f52060133c32f8d359af756f9b2
63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
Analyzer Verdict Alert fortinet Malware
GET /fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.masrawytours.com/cssmine/fontawsm.css
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Thu, 29 Sep 2022 21:54:56 GMT
accept-ranges: bytes
content-length: 746
vary: Accept-Encoding
content-type: text/html
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/assets/owlcarousel/assets/owl.carousel.min.css
162.241.194.46200 OK 1.1 kB URL HTTP/2 www.masrawytours.com/assets/owlcarousel/assets/owl.carousel.min.css
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3184)
Hash 8110dac83703c6f3bdab05005b338dae
2d7fa29ab9e77366216866a3c399cff917625015
8b88b876325a3b5deaea39fc31f97d9ea452bf5f5a27a4eb0d0cdc5be386fb92
GET /assets/owlcarousel/assets/owl.carousel.min.css HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:00:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1142
content-type: text/css
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/trusted/1083727050.jpg
162.241.194.46200 OK 14 kB URL HTTP/2 www.masrawytours.com/trusted/1083727050.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 600x500, components 3\012- data
Hash 913349054bde63a3667ed2ee34b522b7
28b98060c8d811307214e4d5e7746ad3eefd2fe6
71101bbae430ff193310785775fba54b0926b09948640188f35f8ba6f75bb067
GET /trusted/1083727050.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:30:05 GMT
accept-ranges: bytes
content-length: 13798
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/trusted/985012725.jpg
162.241.194.46200 OK 25 kB URL HTTP/2 www.masrawytours.com/trusted/985012725.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 400x400, components 3\012- data
Hash cfad2e98fdf34af432b2d36de2d8e6d9
2f8882b9dbed5e3b15e2fd886c6b5f8970480a01
554a76eefb7037bea34c522b9f1843cb170bc1c3e45b5e039ded9d5879cefc53
GET /trusted/985012725.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:30:10 GMT
accept-ranges: bytes
content-length: 25412
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/assets/owlcarousel/assets/owl.theme.default.min.css
162.241.194.46200 OK 478 B URL HTTP/2 www.masrawytours.com/assets/owlcarousel/assets/owl.theme.default.min.css
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (846)
Hash eb4a76f05bf1762bd61703377005623b
ce3c8fc73412f3a7300f1b53fa5ad05266e411c8
25d46807ab012b04c8e5f7b54d00656f49077ca5297f357dc9eb4b6dd6c174a9
GET /assets/owlcarousel/assets/owl.theme.default.min.css HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:00:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 478
content-type: text/css
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/trusted/335912775.jpg
162.241.194.46200 OK 20 kB URL HTTP/2 www.masrawytours.com/trusted/335912775.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 700x400, components 3\012- data
Hash dcc3c9f3c47bddb528fc7ea48a6277b8
2fec4291d38642f124fb10f47bbaa7b0d0eabf2b
0bec57842678c9fc004afd2c28ba6dd18a3d12edbe5bafd35120fbc70142ebd8
GET /trusted/335912775.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:30:06 GMT
accept-ranges: bytes
content-length: 19454
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 923 B IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 2fc47e0c03237fa2e67f19f9eff40c2e
a84d9eae87d78080051ba94e7a870a6c5b6312e7
4325bf970b2161a1c336a35ebbb4bd00f853b1c2f1248e1d350b416f0a9ac6ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.masrawytours.com/trusted/763012020.jpg
162.241.194.46200 OK 6.8 kB URL HTTP/2 www.masrawytours.com/trusted/763012020.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash ff3a0bd222748ff07ec3cdbb5d562056
f7a63cb9ffa247c2f5a3407f0633897714e7ff52
6fdd00ba430bc497729e487e8d605a9aa0bc8852d5af0d1823f9c96fea068075
GET /trusted/763012020.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:30:07 GMT
accept-ranges: bytes
content-length: 6783
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/trusted/927488550.jpg
162.241.194.46200 OK 116 kB URL HTTP/2 www.masrawytours.com/trusted/927488550.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=900, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1600], progressive, precision 8, 1600x900, components 3\012- data
Size 116 kB (116166 bytes)
Hash e4dbe883032999665a01e4b2989d8eb5
b9d1883b5dfac302bf6261c364e225b14d04ab33
10b14eea0cd304a29d99328e99107fc7c5afcd8c2c55a7614e12ec7a4ea750cf
GET /trusted/927488550.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:30:11 GMT
accept-ranges: bytes
content-length: 116166
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/assets/vendors/jquery.min.js
162.241.194.46200 OK 38 kB URL HTTP/2 www.masrawytours.com/assets/vendors/jquery.min.js
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 136a5dc82c4eb75ac2804d4a69904db7
6e59f6ad001b256444f501482f27f8364112815c
3f7f106e588c27bf3df526cf1f36e4e190c95b1bb7e0b57cead278b04232b11f
Analyzer Verdict Alert fortinet Malware
GET /assets/vendors/jquery.min.js HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:00:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/assets/js/app.js
162.241.194.46200 OK 387 B URL HTTP/2 www.masrawytours.com/assets/js/app.js
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 67ffaacb6b7359ccbf2c59cea880d0f4
0bd98d4ac49d28b403a8e0c9fcb479c361732eba
d8fb110f1d9881be345679f5c7faba536a461841738bb3c1352dbba4c08f95dc
Analyzer Verdict Alert fortinet Malware
GET /assets/js/app.js HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:00:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 387
content-type: application/javascript
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/trusted/538454685.jpg
162.241.194.46200 OK 9.2 kB URL HTTP/2 www.masrawytours.com/trusted/538454685.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 269x187, components 3\012- data
Hash cd0b0b4e0b0d6477484efb494fe98be6
39d0f8203dc4891d8e128e471751675d37209bd3
08cf4526a7969479c1d348f589fd49ab8fec68ffcd02668bc37e89761a6bfac2
GET /trusted/538454685.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:30:07 GMT
accept-ranges: bytes
content-length: 9173
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/trusted/1314249855.jpg
162.241.194.46200 OK 4.4 kB URL HTTP/2 www.masrawytours.com/trusted/1314249855.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 352x143, components 3\012- data
Hash a3d00a79da749d1dc6fb71cfa1626247
fba6c2d91ff080ba057cc8edf94d15946d0fb65b
4336c5daa61389f2640050ecfbc49da114dc3afdcbf94e7c73b4212339914fb6
GET /trusted/1314249855.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:30:05 GMT
accept-ranges: bytes
content-length: 4437
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/trusted/348411855.jpg
162.241.194.46200 OK 34 kB URL HTTP/2 www.masrawytours.com/trusted/348411855.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 700x394, components 3\012- data
Hash e202a0232ff5b37973fb2a0d3caeaf68
4a57f3f1789b51ddb11786b53e9abc15b19e03e5
1c26e803fb6feb154549c92ee2d4bb3eef79e3c1cc16719a3bbad119fce85f6e
GET /trusted/348411855.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:30:07 GMT
accept-ranges: bytes
content-length: 34182
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/assets/vendors/highlight.js
162.241.194.46200 OK 15 kB URL HTTP/2 www.masrawytours.com/assets/vendors/highlight.js
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30174), with no line terminators
Hash 561c5108dd0663092608899aaf5b4282
068e1a3574dbd0da3f7761a9cdbf461dd6dcee8d
eeac9b0daa34f0627254b29c94dc6cb671030c6ad898b22a13334c7bd6cc1d00
Analyzer Verdict Alert fortinet Malware
GET /assets/vendors/highlight.js HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:00:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15042
content-type: application/javascript
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/sour/apple-touch-icon.png
162.241.194.46200 OK 2.8 kB URL HTTP/2 www.masrawytours.com/sour/apple-touch-icon.png
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 144 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash b77ecf437855ae64535f33602d36f179
9cd81ab4edf207861ce9f71796dfa7654b29f1bb
60aac50525b91c091721824a5ae3351af992e1718037682ab7d4c69619c69c09
GET /sour/apple-touch-icon.png HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:25:54 GMT
accept-ranges: bytes
content-length: 2801
content-type: image/png
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/sour/favicon.png
162.241.194.46200 OK 2.8 kB URL HTTP/2 www.masrawytours.com/sour/favicon.png
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 158 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash e3fb9bd8914f192cab98fb007c813759
481566748c5d8b92ab07ffcc24d1aba9f034ab95
6e9d382d41c8bb411f9cd15ca53b696a5c1f4e192eaa7385fcb4c7aaaebb0972
GET /sour/favicon.png HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:26:16 GMT
accept-ranges: bytes
content-length: 2820
content-type: image/png
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 23:57:52 GMT
expires: Sun, 29 Jan 2023 00:12:52 GMT
cache-control: public, max-age=900
age: 562
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
172.217.21.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 29 Jan 2023 00:07:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.masrawytours.com/fonts/fontawesome-webfont.ttf?v=4.7.0
162.241.194.46404 Not Found 462 B URL HTTP/2 www.masrawytours.com/fonts/fontawesome-webfont.ttf?v=4.7.0
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3b58a4197a90ce28f053f853e9f5201a
1764aa95ccf139706beb229625b9d6d6f154bd5d
e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648
GET /fonts/fontawesome-webfont.ttf?v=4.7.0 HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/cssmine/fontawsm.css
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Thu, 29 Sep 2022 21:54:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 462
content-type: text/html
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 29 Jan 2023 00:07:14 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.masrawytours.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 04:29:08 GMT
expires: Wed, 24 Jan 2024 04:29:08 GMT
cache-control: public, max-age=31536000
age: 416286
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 86f1f766bc29c0c97844510615174941
67ec692819f5711953e796a74b16dc169a3a2b0c
a9f08d4d57b50a784b7c8515051b580341c24ed753e5c3f26a9bead1db77ffff
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 29 Jan 2023 00:07:14 GMT
server: ESF
cache-control: private
content-length: 31000
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:07:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36171)
Hash a13a76dd17af226d4a24bd16ef702377
c364171cd0f66eb4a1a8dde04e1e083154d81dbd
1dd3352cbdb7561b142954006a2bb94008486c22760c3d5ebb1b6fffeb325173
GET /js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 18:38:28 GMT
expires: Sat, 27 Jan 2024 18:38:28 GMT
cache-control: public, max-age=31536000
age: 106126
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
IP 142.250.74.106:0
GET /css?family=Montserrat:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 00:07:13 GMT
date: Sun, 29 Jan 2023 00:07:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.masrawytours.com/prog/546683264.jpg
162.241.194.46200 OK 0 B URL HTTP/2 www.masrawytours.com/prog/546683264.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /prog/546683264.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:23:51 GMT
accept-ranges: bytes
content-length: 232186
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/embed/mfxQy5A_tHs
216.58.207.238200 OK 0 B URL HTTP/2 www.youtube.com/embed/mfxQy5A_tHs
IP 216.58.207.238:0
GET /embed/mfxQy5A_tHs HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 29 Jan 2023 00:07:13 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=NFmsALv5-qU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=hD7dvZuTK6k; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 00:07:13 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpnMU9UQTFNVEl4TURJM05UYzNNQT09ELHx1p4GGLHx1p4G; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 00:07:13 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+116; expires=Tue, 28-Jan-2025 00:07:13 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway
IP 142.250.74.106:0
GET /css?family=Raleway HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 00:07:13 GMT
date: Sun, 29 Jan 2023 00:07:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,700&display=swap
IP 142.250.74.106:0
GET /css?family=Lato:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 00:07:13 GMT
date: Sun, 29 Jan 2023 00:07:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.masrawytours.com/jsmenu/jq.js
162.241.194.46200 OK 0 B URL HTTP/2 www.masrawytours.com/jsmenu/jq.js
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /jsmenu/jq.js HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:03:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/banner/775790802.jpg
162.241.194.46200 OK 0 B URL HTTP/2 www.masrawytours.com/banner/775790802.jpg
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /banner/775790802.jpg HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:01:08 GMT
accept-ranges: bytes
content-length: 522334
content-type: image/jpeg
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/assets/css/docs.theme.min.css
162.241.194.46200 OK 0 B URL HTTP/2 www.masrawytours.com/assets/css/docs.theme.min.css
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /assets/css/docs.theme.min.css HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:00:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto
IP 142.250.74.106:0
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 00:07:13 GMT
date: Sun, 29 Jan 2023 00:07:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.masrawytours.com/dist/js/swiper.min.js
162.241.194.46200 OK 0 B URL HTTP/2 www.masrawytours.com/dist/js/swiper.min.js
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /dist/js/swiper.min.js HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:01:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sun, 29 Jan 2023 00:07:13 GMT
server: Apache
X-Firefox-Spdy: h2
www.masrawytours.com/assets/owlcarousel/owl.carousel.js
162.241.194.46200 OK 0 B URL HTTP/2 www.masrawytours.com/assets/owlcarousel/owl.carousel.js
IP 162.241.194.46:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /assets/owlcarousel/owl.carousel.js HTTP/1.1
Host: www.masrawytours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.masrawytours.com/arabic/autoplay.php
Cookie: _ga_BM8YLMNEJW=GS1.1.1674950838.1.0.1674950838.0.0.0; _ga=GA1.1.2005977107.1674950838
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 11 Dec 2022 02:00:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sun, 29 Jan 2023 00:07:14 GMT
server: Apache
X-Firefox-Spdy: h2