detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 20 Mar 2023 07:32:19 GMT
Age: 85736
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8278
Expires: Tue, 21 Mar 2023 09:39:14 GMT
Date: Tue, 21 Mar 2023 07:21:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fa20596251e8bcb49592b69e60fc9bea
6f0b25798a5e06ddaefab3890ab7c369b7af8bab
a71301e4358e746e144d6d1c33c2b18de9c68f48b9caad55c3169d9366c7eb51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A71301E4358E746E144D6D1C33C2B18DE9C68F48B9CAAD55C3169D9366C7EB51"
Last-Modified: Mon, 20 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7542
Expires: Tue, 21 Mar 2023 09:26:58 GMT
Date: Tue, 21 Mar 2023 07:21:16 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 40 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 4534ed76680ef3c3aeb0b7f8c295cc41
53c7911497084131c7281a5b9c6bf4da405057af
36653478a30cdd5f709d9a203673b2a64b3b878f8526ef62aabb95f924f39bec
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: nKGa0JNJBawgVm7auzCi_0EplPrDpCyr0p8T5YHr1Bw0g-XsY04WjQ==
content-encoding: gzip
via: 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 07:07:58 GMT
age: 798
content-type: application/json
vary: Accept-Encoding
content-length: 39806
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5285a032a285729d3e4a546310ed052d
d370c14bbc2d168cc3703bcb6b94ea0ece26e69d
a811aac1eb89de0666a7de8d3eda1dc3affa7ce5353219211a1beee1211536b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A811AAC1EB89DE0666A7DE8D3EDA1DC3AFFA7CE5353219211A1BEEE1211536B5"
Last-Modified: Mon, 20 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8898
Expires: Tue, 21 Mar 2023 09:49:34 GMT
Date: Tue, 21 Mar 2023 07:21:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WsMCwCnI9LCSXG/z/dNguyvn7juyTQLAU7B4jBz3uobJS0N09kUv6eEkNquhYSuK8+j9a3ooTDo=
x-amz-request-id: BDV6KJPW5YWWGBCP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 06:41:25 GMT
age: 2391
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 28774b36cf8bb6b054329393a33f6239
728313ddff6d5ceb6db3eb8445f039779616a140
08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5959
Expires: Tue, 21 Mar 2023 09:00:35 GMT
Date: Tue, 21 Mar 2023 07:21:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 06:27:23 GMT
content-type: application/json
age: 3233
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 07:21:16 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
80.241.213.35 301 Moved Permanently 0 B URL HTTP/1.1 quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
IP 80.241.213.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso HTTP/1.1
Host: quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 21 Mar 2023 07:21:15 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: request_a_quote_wp_session=371fe7fead92734dbd0f4dbf5a434882%7C%7C1679385076%7C%7C1679384716; expires=Tue, 21-Mar-2023 07:51:16 GMT; Max-Age=1800; path=/
Location: https://quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 20 Mar 2023 07:32:19 GMT
Age: 85737
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
ocsp.digicert.com/
192.229.221.95 200 OK 471 B IP 192.229.221.95:0
Hash a1c29b102f8902c873af9247820b2791
a2209d730878d220a6e332c1275d8c626c5478a5
4dba8c569c40194b025ad36d08e10bb1096662f6297cf18b2413a46bba8c96be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 72
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:16 GMT
Last-Modified: Tue, 21 Mar 2023 07:20:04 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 07:17:22 GMT
age: 234
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20297
Expires: Tue, 21 Mar 2023 12:59:34 GMT
Date: Tue, 21 Mar 2023 07:21:17 GMT
Connection: keep-alive
quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
80.241.213.35 301 Moved Permanently 0 B URL HTTP/1.1 quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
IP 80.241.213.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso HTTP/1.1
Host: quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Tue, 21 Mar 2023 07:21:16 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: request_a_quote_wp_session=e46ee37edc39e9b48900422648d033f2%7C%7C1679385076%7C%7C1679384716; expires=Tue, 21-Mar-2023 07:51:16 GMT; Max-Age=1800; path=/
Location: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
54.148.231.253 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.231.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hspk7lO0HeD4A/0YAdkrig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Cv9+8+M30oeTpnXOFRJ1tmZVn/Q=
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
44.238.157.127 200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 44.238.157.127:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 21 Mar 2023 07:21:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221679381479341%22
35.241.9.150 200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221679381479341%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (22067), with no line terminators
Hash 7a447c6799c70148b5f678a5f8cd1a7a
2a9208f740789905b3fdc3d761cfcf1dae436aa0
856923362161b24cfe542ebee4ec8d2956f01ad2059a1b1f7e809ae3f5d8ea96
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221679381479341%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22067
via: 1.1 google
date: Tue, 21 Mar 2023 06:51:57 GMT
last-modified: Tue, 21 Mar 2023 06:51:19 GMT
content-type: application/json
age: 1760
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22
35.241.9.150 200 OK 9.1 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (9105), with no line terminators
Hash 3bf8b222f5f31c3ab484dbb4bf3c90bd
3a90ff55f82f7136aca51508621ff791c1c270bc
f08329d6b4438dc9bbf89b29a5b8537881bbd081000a90a66e031cd575fb5d9d
GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 9105
via: 1.1 google
date: Tue, 21 Mar 2023 07:14:37 GMT
age: 400
last-modified: Sat, 18 Mar 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: W1Gi1ZhJhQNWsw0JQcq/GPCwx3gu7gsf8G16Vwjv22jwagk0bYWYGOX8N0Ed2Hk2y9iH3U0WEgE=
x-amz-request-id: Q9TW2CQ66E4DY2T5
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 06:59:01 GMT
age: 1336
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22
35.241.9.150 200 OK 40 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (40041), with no line terminators
Hash 698d46ecc1de32df2852df324d4b72d3
e41fdce23323d1f9227e8ebb11f012b07124dfc2
ae0e5e0bc68eaed69d1d5e8ba1d2c6dac4262abba683c1d13b3d870a6e2936a4
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 40041
via: 1.1 google
date: Tue, 21 Mar 2023 06:54:32 GMT
age: 1605
last-modified: Fri, 17 Mar 2023 00:37:23 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 06:27:23 GMT
content-type: application/json
age: 3234
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9f4ebc848cd4c9b3054a8963929424a9
66051faa705a94bd2bf576d86e815449a0f8fc22
01f4e229078b9e63e6d961e4a2b6dfc63a7c3a788bfce2fc729a7b317c237cd7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01F4E229078B9E63E6D961E4A2B6DFC63A7C3A788BFCE2FC729A7B317C237CD7"
Last-Modified: Mon, 20 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9051
Expires: Tue, 21 Mar 2023 09:52:08 GMT
Date: Tue, 21 Mar 2023 07:21:17 GMT
Connection: keep-alive
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144 200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BygVh3uOGQ7VTy3+RFjYxlXnj/v6se6DnWv4KXDCrceZef2tIV7pWLHyfRxGcYWcBcrf+OEtxiCAkkxFj1/Ogw==
x-amz-request-id: MCV8ZR76EXX5VBMR
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Thu, 16 Mar 2023 11:49:16 GMT
age: 415921
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
80.241.213.35 404 Not Found 54 kB URL HTTP/1.1 www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
IP 80.241.213.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash 6bb242a3ea565416167783562b1dd599
9d854670fc16272fc80dd3dd15dee2dcb8ea4d4e
68019f390c198de25a6b58497126df630233f5bc21b875616357599756754419
GET /afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Tue, 21 Mar 2023 07:21:17 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.quickstart.africa/wp-json/>; rel="https://api.w.org/"
Set-Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717; expires=Tue, 21-Mar-2023 07:51:17 GMT; Max-Age=1800; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.quickstart.africa/wp-content/themes/expeditor/style.css?ver=5.9.5
80.241.213.35 200 OK 1.1 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/style.css?ver=5.9.5
IP 80.241.213.35:0
File type Non-ISO extended-ASCII text, with CRLF line terminators
Hash 75422e0d0aa0edb25c4604f882f7139b
035cc9636131acde757befc264d408860008ce51
742039bcd0127e2671e2831a6f43c6cc5abc3b9889481dbfadeda60776b4bc23
GET /wp-content/themes/expeditor/style.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:23:38 GMT
Accept-Ranges: bytes
Content-Length: 1118
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.quickstart.africa/wp-content/themes/expeditor/js/owlcarousel/owl.carousel.css?ver=5.9.5
80.241.213.35 200 OK 4.7 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/js/owlcarousel/owl.carousel.css?ver=5.9.5
IP 80.241.213.35:0
Hash e61f8deda51e4b3b464659a9dcf9c5be
dfbfcbcc18c31715c8990fa916d834cb706f8f06
3664883bfec45a24a668717504dc1467bd017ef7207335ff990c0ba8ef841b05
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/js/owlcarousel/owl.carousel.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:26:02 GMT
Accept-Ranges: bytes
Content-Length: 4711
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/themes/expeditor/css/bootstrap.min.css?ver=5.9.5
80.241.213.35 200 OK 12 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/css/bootstrap.min.css?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with very long lines (11764), with CRLF line terminators
Hash ee687401602a1fd8f449bd71a6e3a599
08968df96fc2b6ca2cefcbde90c5b383645f96fe
ae902ea613ed112876fd86b34d3572cbe0cae9a481973e0be6eb5e8cd8998662
GET /wp-content/themes/expeditor/css/bootstrap.min.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:24:44 GMT
Accept-Ranges: bytes
Content-Length: 11940
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/themes/expeditor/css/jquery.fancybox.css?ver=5.9.5
80.241.213.35 200 OK 5.0 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/css/jquery.fancybox.css?ver=5.9.5
IP 80.241.213.35:0
Hash 53ea6cc83216c3af6c011327d1935353
a1ad1d4d4359f9d4919c791e5af7642e6f51720e
3f0bbd553d8672f018cad5f405aed7b2c2db3f249ff1c1cae8dd556ff7a06a0d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/css/jquery.fancybox.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:24:44 GMT
Accept-Ranges: bytes
Content-Length: 4971
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=UA-197945074-1
142.250.74.168 200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-197945074-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash 52119e45fbcfbed802bc1ec5e1bef231
5943424afc9507fbfbc87c879e7717dc132aa7d0
624e0ebca8fdd035811a413c4b6d420d0cb5320549834303cfe26122eedae62a
GET /gtag/js?id=UA-197945074-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 07:21:18 GMT
expires: Tue, 21 Mar 2023 07:21:18 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45666
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679380922815&_since=%221666483264567%22
35.241.9.150 200 OK 62 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679380922815&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (61752), with no line terminators
Hash 45dd78e19c11df4acd5d968710d8c37c
595831e69b857bc1882e44ddfc866f46d1348f0b
807cb581f34b93a5d9366a5dcc2876ccd8166158d0b0160a401c965f469b674c
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679380922815&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 61752
via: 1.1 google
date: Tue, 21 Mar 2023 07:11:34 GMT
last-modified: Tue, 21 Mar 2023 06:42:02 GMT
content-type: application/json
age: 584
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.quickstart.africa/wp-content/themes/expeditor/css/responsive.css?ver=5.9.5
80.241.213.35 200 OK 21 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/css/responsive.css?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with CRLF line terminators
Hash c016237674e100c69ba6c95a62f2b34a
f01c2fb7bcef1604afe5f215c217c06e6676d99e
a12ee25a349a5f337d75125c0a0d47d52c1ba0393c8f787b728a4e3d8d3ed750
GET /wp-content/themes/expeditor/css/responsive.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:24:46 GMT
Accept-Ranges: bytes
Content-Length: 21034
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/uploads/dynamic_expeditor_dir/expeditor.css?ver=609a2b90d91ea
80.241.213.35 200 OK 9.3 kB URL HTTP/1.1 www.quickstart.africa/wp-content/uploads/dynamic_expeditor_dir/expeditor.css?ver=609a2b90d91ea
IP 80.241.213.35:0
File type ASCII text, with very long lines (387), with CRLF, LF line terminators
Hash 97714739501b9515d9c214baada357c2
230ff3bdd931f150fdec85db07a73031bde051a3
d442caee48303f981f12c7796f45a0d36fbe0d4cf19e86abc21db382f20ebd0e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/dynamic_expeditor_dir/expeditor.css?ver=609a2b90d91ea HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Tue, 11 May 2021 07:00:32 GMT
Accept-Ranges: bytes
Content-Length: 9309
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.quickstart.africa/wp-content/themes/expeditor/font/demo-files/demo.css?ver=5.9.5
80.241.213.35 200 OK 52 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/font/demo-files/demo.css?ver=5.9.5
IP 80.241.213.35:0
Hash 6a38a0f7e265340da161647fed065a89
0032340b764374795c01fbe3b1c5d75052210216
945a6bf7d4153c879c7a80728daf6efde853e5a8d11100c5e9b780dfd13d32b9
GET /wp-content/themes/expeditor/font/demo-files/demo.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:24:52 GMT
Accept-Ranges: bytes
Content-Length: 51774
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.7.1
80.241.213.35 200 OK 1.2 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.7.1
IP 80.241.213.35:0
File type ASCII text, with very long lines (1217), with no line terminators
Hash 276bb0e97f35483ac09ae68320f84188
0bcec4dc49cfca8a641a703b6cd85b98d085ff4e
f050fd052a21620c83566dfabadd8a606f18df450216a15e0bd2501d9fd1e70e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/embed-any-document/css/embed-public.min.css?ver=2.7.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2022 12:19:16 GMT
Accept-Ranges: bytes
Content-Length: 1217
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/plugins/expeditor-content-types/config-composer/assets/css/css_composer_front.css?ver=5.1.1
80.241.213.35 200 OK 826 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/expeditor-content-types/config-composer/assets/css/css_composer_front.css?ver=5.1.1
IP 80.241.213.35:0
File type ASCII text, with very long lines (684)
Size 826 kB (825661 bytes)
Hash 9e08ca425116e316ab7da628e15844a8
ac60054106c2c11e5196577fdc0df19093612230
428b5e905a65e83ff1792fc28e28dfb349657f8aa935419ea51675203311735b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/expeditor-content-types/config-composer/assets/css/css_composer_front.css?ver=5.1.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Sun, 25 Mar 2018 11:55:11 GMT
Accept-Ranges: bytes
Content-Length: 825661
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/themes/expeditor/css/fontello.css?ver=5.9.5
80.241.213.35 200 OK 128 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/css/fontello.css?ver=5.9.5
IP 80.241.213.35:0
Size 128 kB (128304 bytes)
Hash 7c68d065b10fd2b45aa84490934f6250
6ed350d74101153326e65f581dd35749359ac287
a111f8efad22f7c0d77b83f3899308f71c4b14996afa0fcd91a2205b6a1bdb54
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/css/fontello.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:24:44 GMT
Accept-Ranges: bytes
Content-Length: 128304
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/themes/expeditor/css/style1.css?ver=5.9.5
80.241.213.35 200 OK 148 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/css/style1.css?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with CRLF line terminators
Size 148 kB (148455 bytes)
Hash dd5119b0b91fe7e49f97a6f03814b2d9
9aeab9220497bb2f29ce277ec812f135a24afd3a
a293bb1e60896ef5d1697babb12c306f3a1ff04e33af1b30fd1ba33334762e0f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/css/style1.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 16 Nov 2020 07:55:46 GMT
Accept-Ranges: bytes
Content-Length: 148455
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-includes/css/dist/nux/style.min.css?ver=5.9.5
80.241.213.35 200 OK 2.8 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/css/dist/nux/style.min.css?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with very long lines (2256)
Hash 09893407f3d6ce4e5e12af1c4006a561
42f25bf6916376b392bdd6c83ab8440b9b78b4f1
5bca2d4288328711026ee112d545ab38fc8e56e5eb81ce85befa09b4d16dbc0c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/nux/style.min.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2021 18:59:22 GMT
Accept-Ranges: bytes
Content-Length: 2768
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-includes/css/dist/reusable-blocks/style.min.css?ver=5.9.5
80.241.213.35 200 OK 522 B URL HTTP/1.1 www.quickstart.africa/wp-includes/css/dist/reusable-blocks/style.min.css?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with very long lines (522), with no line terminators
Hash 0511686b2d1751365589bb4ad6ebd381
9055cd550ec030497299985811ae0dfc78ada3ca
b065e641c0b9772a645e0596657a0bbabb8470f5ffbcfed95d5100f74c0da056
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/reusable-blocks/style.min.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2021 18:59:22 GMT
Accept-Ranges: bytes
Content-Length: 522
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-includes/css/dist/block-editor/style.min.css?ver=5.9.5
80.241.213.35 200 OK 112 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/css/dist/block-editor/style.min.css?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 112 kB (111974 bytes)
Hash f9b1f3d1baf5a3a8b81765830f780df8
dd24fbd9297c6d6a153a379b11e8cd5d189d7032
436bff18353cdd23f319497c726b6d88c27dc3a90b176ff7cc16bc5f0ffd8906
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-editor/style.min.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 00:12:26 GMT
Accept-Ranges: bytes
Content-Length: 111974
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-includes/css/dist/editor/style.min.css?ver=5.9.5
80.241.213.35 200 OK 21 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/css/dist/editor/style.min.css?ver=5.9.5
IP 80.241.213.35:0
File type Unicode text, UTF-8 text, with very long lines (20826), with no line terminators
Hash 4fd2950b610caab099a65d3377e920f4
24086c016792f9b050b575ac2e99fdddc91023a1
e8ee2708c1df628a6145b03d746fbdbb5076288464484672b25f70917ecea416
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/editor/style.min.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2021 18:59:22 GMT
Accept-Ranges: bytes
Content-Length: 20858
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/plugins/gmap-embed/public/assets/css/front_custom_style.css?ver=1644581991
80.241.213.35 200 OK 21 B URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/gmap-embed/public/assets/css/front_custom_style.css?ver=1644581991
IP 80.241.213.35:0
File type ASCII text, with no line terminators
Hash be15238b3caadb2222404b1ca9207bae
31e6232ac615fcc643dea2b878d2b9d715754063
b574e934e182e8f1f2dfcba8ed33d9a9e7e1d6abaf2d760295f09a87ee2b28ed
GET /wp-content/plugins/gmap-embed/public/assets/css/front_custom_style.css?ver=1644581991 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2022 12:19:51 GMT
Accept-Ranges: bytes
Content-Length: 21
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/plugins/whatsapp-for-wordpress/dist/blocks.style.build.css?ver=5.9.5
80.241.213.35 200 OK 0 B URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/whatsapp-for-wordpress/dist/blocks.style.build.css?ver=5.9.5
IP 80.241.213.35:0
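Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
Note: the three digests above are the MD5, SHA-1 and SHA-256 of empty input, matching the 0 B response body, so they identify no file and should not be used as indicators; the verdict presumably reflects the URL or host rather than the content.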
GET /wp-content/plugins/whatsapp-for-wordpress/dist/blocks.style.build.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Thu, 13 May 2021 06:07:49 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-includes/css/dist/components/style.min.css?ver=5.9.5
80.241.213.35 200 OK 122 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/css/dist/components/style.min.css?ver=5.9.5
IP 80.241.213.35:0
File type Unicode text, UTF-8 text, with very long lines (40462)
Size 122 kB (122417 bytes)
Hash a53d10ffc3990045893ac878fd7f5a8d
b72264eebcb22da1f41da4f411b6d1c5e7ef625f
b4e97339829ec9d0ff5c5084e54a11134828a5787b9081afa964ba4e588d907d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/components/style.min.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 00:12:26 GMT
Accept-Ranges: bytes
Content-Length: 122417
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/themes/expeditor/config-contact-form-7/assets/css/style-contact-form-7.css?ver=5.5.4
80.241.213.35 200 OK 5.8 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/config-contact-form-7/assets/css/style-contact-form-7.css?ver=5.5.4
IP 80.241.213.35:0
File type ASCII text, with very long lines (481), with CRLF line terminators
Hash b728fcd9baa037cd8957510d084ea923
04fc9668aa203c9fd1969a03b590dbaac21a629b
0b1b2a3b8c1854771d0bcab402754687146a97388286e251c0bfef8f090152bb
GET /wp-content/themes/expeditor/config-contact-form-7/assets/css/style-contact-form-7.css?ver=5.5.4 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:24:36 GMT
Accept-Ranges: bytes
Content-Length: 5824
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.1
80.241.213.35 200 OK 30 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.1
IP 80.241.213.35:0
File type ASCII text, with very long lines (29418), with CRLF line terminators
Hash 9f4f00ef6543d1605d902f51fe083c2d
ee85e1283c695be178cf766524aa61ea36372a57
2e81985d6b2a407b4760c2c85a2cdfebeb13dfa8c07781162c429f7e8381aa45
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Sun, 25 Mar 2018 11:55:12 GMT
Accept-Ranges: bytes
Content-Length: 29789
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/plugins/whatsapp-for-wordpress/assets/css/style.css?ver=5.9.5
80.241.213.35 200 OK 24 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/whatsapp-for-wordpress/assets/css/style.css?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with CRLF line terminators
Hash 2ec09425dba32437a94ac8c0ef4983c2
bbf1c889c33846f553498b6813932b2c705e93bd
d79b3e01944c8d0e45aeffa7a0a9e769815444ef74239a46e776995effe46e1f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/whatsapp-for-wordpress/assets/css/style.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Thu, 13 May 2021 06:07:49 GMT
Accept-Ranges: bytes
Content-Length: 23898
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.9.5
80.241.213.35 200 OK 28 kB URL HTTP/1.1 www.quickstart.africa/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with very long lines (27639), with no line terminators
Hash 36ea4805809e6b690c2f5126a0808297
4531470deab3efd0b8499f29a323a1b45f0efced
4354449ab7a164ef5486d12020f3bc403b8ff104a8da73e9f9332106b86b061c
GET /wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Sun, 25 Mar 2018 12:03:40 GMT
Accept-Ranges: bytes
Content-Length: 27639
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.quickstart.africa/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
80.241.213.35 200 OK 90 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 80.241.213.35:0
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Wed, 10 Mar 2021 19:37:24 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/themes/expeditor/js/jquery.modernizr.js?ver=5.9.5
80.241.213.35 200 OK 10 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/js/jquery.modernizr.js?ver=5.9.5
IP 80.241.213.35:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (10119), with CRLF line terminators
Hash e31d5a241293fd939c0457d95d569799
db460b8f127c58930562bde2c7ec566c929355b5
ebaacdf4a02a4353df19eb61086bb9830d4914af2f251b9cccc9a6aa26996fba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/js/jquery.modernizr.js?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:25:56 GMT
Accept-Ranges: bytes
Content-Length: 10388
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
80.241.213.35 200 OK 11 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 80.241.213.35:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 13:36:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.13.1
80.241.213.35 200 OK 12 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.13.1
IP 80.241.213.35:0
File type ASCII text, with very long lines (1577)
Hash a76f61318af036823b08d73536486be6
31ff9b215dcef9151b9f4fc50ea91a9df1962102
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.13.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Tue, 14 Mar 2023 14:54:41 GMT
Accept-Ranges: bytes
Content-Length: 11898
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.1
80.241.213.35 200 OK 63 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.1
IP 80.241.213.35:0
File type ASCII text, with very long lines (32003), with CRLF line terminators
Hash b4b495a7dc7db64771070c7f67813615
f36b9f296e3fa9eb6d6e18841540129ea95861fd
1dfd5afa2f6a618d8b7450ddc586413e1b75499322d6534e01accd990ae66925
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Sun, 25 Mar 2018 11:55:12 GMT
Accept-Ranges: bytes
Content-Length: 63323
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/plugins/whatsapp-for-wordpress/assets/js/main.js?ver=5.9.5
80.241.213.35 200 OK 2.4 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/whatsapp-for-wordpress/assets/js/main.js?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with CRLF line terminators
Hash d67981a5544f22944e886a3bdb366274
a906c16ee054050283a1b20662857bae925613a1
dcc5b8374312c29c134590b0f18452db4a7272ffef9bf709758950e578eaf111
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/whatsapp-for-wordpress/assets/js/main.js?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Thu, 13 May 2021 06:07:49 GMT
Accept-Ranges: bytes
Content-Length: 2433
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-includes/js/underscore.min.js?ver=1.13.1
80.241.213.35 200 OK 19 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/js/underscore.min.js?ver=1.13.1
IP 80.241.213.35:0
File type ASCII text, with very long lines (19034)
Hash 47e07d05e0e32338ed2e112d3f46cac1
331fa3259ce673bf92047a25542305242eb6f35f
4f6366518c3d992d6a9a3aee342675532822d6b1d66217df7b284bb450dbb99a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/underscore.min.js?ver=1.13.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Tue, 02 Nov 2021 02:17:14 GMT
Accept-Ranges: bytes
Content-Length: 19069
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
80.241.213.35 200 OK 21 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 80.241.213.35:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash e77ef4006bb97c97c8407f4a8abf4e3d
1a27436ff6ef47ca5c3e352b792e50901ebb705e
9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Thu, 03 Feb 2022 04:34:02 GMT
Accept-Ranges: bytes
Content-Length: 20714
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/plugins/expeditor-content-types/config-composer/assets/js/js_composer_front.js?ver=5.1.1
80.241.213.35 200 OK 767 B URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/expeditor-content-types/config-composer/assets/js/js_composer_front.js?ver=5.1.1
IP 80.241.213.35:0
File type ASCII text, with CRLF line terminators
Hash 89ecb255eae3112f33839e9889ff3850
1965622d101f9df2967a78acba3ed2bc3f1ab973
0ade7637aa453075847a22607b3a0fa9ad02724177d7cc647216b11b443d2d10
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/expeditor-content-types/config-composer/assets/js/js_composer_front.js?ver=5.1.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Sun, 25 Mar 2018 11:55:11 GMT
Accept-Ranges: bytes
Content-Length: 767
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
80.241.213.35 200 OK 12 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP 80.241.213.35:0
File type ASCII text, with very long lines (11761)
Hash 6fc353ebb56d94307d03190cc2f570d9
372f7b77bffb1e890fac42b93d6aa6a4617466fd
ebe397003de74321709c5f4760ec8d2ef4b41b2f5e0c88222ab9705918715e30
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Thu, 03 Feb 2022 04:34:02 GMT
Accept-Ranges: bytes
Content-Length: 11938
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/themes/expeditor/js/jquery.scrollTo.min.js?ver=5.9.5
80.241.213.35 200 OK 2.5 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/js/jquery.scrollTo.min.js?ver=5.9.5
IP 80.241.213.35:0
File type Unicode text, UTF-8 text, with very long lines (2272), with CRLF line terminators
Hash 0ee013c5f1f0f3172cfbaf893998fc24
ebf4b578ee55796e1c2fa064e6d807eec6d7a3b0
8873f8f2239b8c5127bc0e018c01a2d44f2ddb97779b4c8d09578e7972ed72e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/js/jquery.scrollTo.min.js?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:25:56 GMT
Accept-Ranges: bytes
Content-Length: 2451
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/themes/expeditor/js/jquery.localScroll.min.js?ver=5.9.5
80.241.213.35 200 OK 1.5 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/js/jquery.localScroll.min.js?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with very long lines (1306)
Hash d18df22ff25e1a28df27317fed2aa232
7f68c99f5012073778fbd44d079aa93837aad25a
2cd41238967b362ed5433880de66bcc48a9804c5616c9a5980042c88dcf13646
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/js/jquery.localScroll.min.js?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:25:56 GMT
Accept-Ranges: bytes
Content-Length: 1475
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/themes/expeditor/js/jquery.queryloader2.min.js?ver=5.9.5
80.241.213.35 200 OK 12 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/js/jquery.queryloader2.min.js?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with CRLF line terminators
Hash 0e589d94aadeac33c30e97c3bf47247b
c787907da93d739c7446a0dee40396504b9de04a
cc17b180fce7d9ffdb107410c94c39d8c18805b257f7a0a265e500470ccead62
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/js/jquery.queryloader2.min.js?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:25:56 GMT
Accept-Ranges: bytes
Content-Length: 12014
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/themes/expeditor/js/owlcarousel/owl.carousel.min.js?ver=5.9.5
80.241.213.35 200 OK 40 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/js/owlcarousel/owl.carousel.min.js?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with very long lines (32061)
Hash 40f70ab03342e3891259517e6cdef44b
d0624b906af3531b2901bbc1071da7bd8ef832eb
fbd5cab38e29afaf8bfeab507963eb866097a967d3c77222499894c46915cc08
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/js/owlcarousel/owl.carousel.min.js?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:26:02 GMT
Accept-Ranges: bytes
Content-Length: 40394
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/themes/expeditor/js/theme.plugins.js?ver=5.9.5
80.241.213.35 200 OK 43 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/js/theme.plugins.js?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with very long lines (837), with CRLF line terminators
Hash a9bb3cc5a85c752dc5c944d4a0fa8212
ed5a1190cc19ce4d25177222d6998c52910e6fa9
6e934d7863d55264cb40c9ea9f2af21aadc387e969232b80d74ffdf012bbf9ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/js/theme.plugins.js?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:25:56 GMT
Accept-Ranges: bytes
Content-Length: 43021
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/themes/expeditor/js/theme.core.js?ver=5.9.5
80.241.213.35 200 OK 8.9 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/js/theme.core.js?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with very long lines (344), with CRLF line terminators
Hash 35c31ca04f2e4636de13f111dad03d50
53caff9191b204c52f59587c12069ae6aa66a8c1
8d2ef14f235e52e9166de22e9092c87d539d9048492d83a1bd5195d2e48ba2c3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/js/theme.core.js?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:25:56 GMT
Accept-Ranges: bytes
Content-Length: 8910
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/themes/expeditor/includes/widgets/popular-widget/js/pop-widget.js?ver=1.0.1
80.241.213.35 200 OK 185 B URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/includes/widgets/popular-widget/js/pop-widget.js?ver=1.0.1
IP 80.241.213.35:0
File type ASCII text, with CRLF line terminators
Hash 1987bccabd5412f7cf81868837b5e87e
968b13d50b4968e9fc01e68c200fff81f049010d
eaa1f67ec8833506094d59b7cb93841909f2b52444e451ee5c88e30bc3a3d987
GET /wp-content/themes/expeditor/includes/widgets/popular-widget/js/pop-widget.js?ver=1.0.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:25:54 GMT
Accept-Ranges: bytes
Content-Length: 185
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/332.app.js?ver=3.8
80.241.213.35 200 OK 5.4 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/332.app.js?ver=3.8
IP 80.241.213.35:0
File type ASCII text, with very long lines (5441), with no line terminators
Hash ac64b0e9e79af0a73092c59ce90e22c1
bdf5ccfcb4bd8b244e0dd1843eafebb44ef81ebe
0f3302e45439ab4ee06481fbe79cec9826124252ca12d76ac358aa0c5b0c94e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/332.app.js?ver=3.8 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2022 12:19:01 GMT
Accept-Ranges: bytes
Content-Length: 5441
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
80.241.213.35 200 OK 16 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP 80.241.213.35:0
File type ASCII text, with very long lines (16116), with no line terminators
Hash 8374f7f8ffb16adccc989da30f2fa16f
2438f234a5fe533c1aa752c4b077f4d0f16a4d1d
7dcbd9ddb813cf06084d60b6158da5289b9e33ba3f9e7c463fd20e7ec8462014
GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Thu, 18 Mar 2021 22:23:20 GMT
Accept-Ranges: bytes
Content-Length: 16116
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/themes/expeditor/includes/widgets/mailchimp/js/newsletter.js?ver=1.0
80.241.213.35 200 OK 989 B URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/includes/widgets/mailchimp/js/newsletter.js?ver=1.0
IP 80.241.213.35:0
File type ASCII text, with CRLF line terminators
Hash a73f35bf3832df210ced7032df6830ee
1a0795f23732c5badb00d783ca90dc8cea5869ba
a8da1df06650d6c214af7f21a9a2841a57f5b112b32d140225c96e0adf2edc92
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/includes/widgets/mailchimp/js/newsletter.js?ver=1.0 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:25:50 GMT
Accept-Ranges: bytes
Content-Length: 989
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.7.1
80.241.213.35 200 OK 3.9 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.7.1
IP 80.241.213.35:0
File type HTML document, ASCII text, with very long lines (3616)
Hash 7d2afa47c6d2cb795cd464bf748398bf
15e4c54889def9fb598b1fa84040950bf3ed47c6
8620810d6a6dae5c803bcc4c9d89a97697ef0dd8607c34c83fb88c256bd974fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/embed-any-document/js/pdfobject.min.js?ver=2.7.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2022 12:19:16 GMT
Accept-Ranges: bytes
Content-Length: 3897
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.quickstart.africa/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.7.1
80.241.213.35 200 OK 1.2 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.7.1
IP 80.241.213.35:0
File type ASCII text, with very long lines (1175), with no line terminators
Hash 6ad3024c69f5eee65ebb3bd678050feb
60394f73876c613a24322c2b0d2d6af7baa8aefe
8b40ef913ca8190e2bdf7aca42128b4659722ec82ba7e3948e6131adf692b7b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/embed-any-document/js/embed-public.min.js?ver=2.7.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2022 12:19:16 GMT
Accept-Ranges: bytes
Content-Length: 1175
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
80.241.213.35 200 OK 6.5 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 80.241.213.35:0
File type ASCII text, with very long lines (6494), with no line terminators
Hash 64e89b93b02055fb75ea0913089ded0b
9ccf854a6acedb27496725fa7570a670fd7bd572
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 15 Nov 2021 21:05:14 GMT
Accept-Ranges: bytes
Content-Length: 6494
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4
80.241.213.35 200 OK 9.7 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4
IP 80.241.213.35:0
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.4 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Fri, 11 Feb 2022 12:19:05 GMT
Accept-Ranges: bytes
Content-Length: 9720
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
80.241.213.35 200 OK 19 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 80.241.213.35:0
File type Unicode text, UTF-8 text, with very long lines (19111)
Hash 1b0fe9b37e9e47e0c8919cb618792bf5
5d1c1e03e3e773e572db2ad86f9771caa7286369
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 15 Nov 2021 17:20:18 GMT
Accept-Ranges: bytes
Content-Length: 19261
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.quickstart.africa/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
80.241.213.35 200 OK 18 kB URL HTTP/1.1 www.quickstart.africa/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
IP 80.241.213.35:0
File type ASCII text, with very long lines (15224)
Hash 116c86c56f8db0bb63f15ceda50fdc98
75e308982ecf7cd43644b8b426e6aa1a0b0fbe26
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.5 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Wed, 09 Jun 2021 01:45:12 GMT
Accept-Ranges: bytes
Content-Length: 18181
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8510
Expires: Tue, 21 Mar 2023 09:43:08 GMT
Date: Tue, 21 Mar 2023 07:21:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8510
Expires: Tue, 21 Mar 2023 09:43:08 GMT
Date: Tue, 21 Mar 2023 07:21:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8510
Expires: Tue, 21 Mar 2023 09:43:08 GMT
Date: Tue, 21 Mar 2023 07:21:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0e2bcb0494bb5b0434a6b8c5276de8ff
33642ec68ca683dae156e15ee7449f8fecbfcd80
6921a091b2b19492a76cf3723b72c6966cb85751cabebbe2056a167994425414
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8599
x-amzn-requestid: f213c7c9-3dd9-4d20-8c46-742c3650dcfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGXKZFD6oAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d242-592c030e6760816b2d4f01f9;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: Ny4CqRzNVdxjmFQCGaiGS8QzYENhsLMUaOjm-GcmQk-mdUJirBCi8g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:02:12 GMT
age: 33546
etag: "33642ec68ca683dae156e15ee7449f8fecbfcd80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maps.google.com/maps/api/js?key=AIzaSyDmUK1ptFqXJHkCAJ1tX4eU26gzymSssnI&libraries=places&language=en&region=US&ver=5.9.5
142.250.74.46 200 OK 57 kB URL HTTP/2 maps.google.com/maps/api/js?key=AIzaSyDmUK1ptFqXJHkCAJ1tX4eU26gzymSssnI&libraries=places&language=en&region=US&ver=5.9.5
IP 142.250.74.46:0
File type ASCII text, with very long lines (2354)
Hash f708209e160f187d0b392bb2e453c330
8e2d1dc278467ab4fbc36a8c5df94bd64d595067
5c8af91df5e6131d1541a5f49955bdc5156d1ddd2169e80a7c0234cb6c916275
GET /maps/api/js?key=AIzaSyDmUK1ptFqXJHkCAJ1tX4eU26gzymSssnI&libraries=places&language=en&region=US&ver=5.9.5 HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56944
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Tue, 21 Mar 2023 07:09:51 GMT
expires: Tue, 21 Mar 2023 07:39:51 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 687
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59df3b8c484422b14b057fddfd99beb3
d7347bcac5fc585b802d9be262c9536d0f72a498
c05014345e897447f7bdcc3b7d267137bbf76758e8fecfbabcb20d09889769f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6632
x-amzn-requestid: e51ff988-1417-4d22-8540-82914428fdcd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFaIHZ8IAMF3lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5da-744c064c55ad8d3401855d0f;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:12:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: FsFKERMeCkoD4DFnD-sjKYiRB8izHSQszlkxg7L7jaBgGy4ASvpkkQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:27:59 GMT
age: 31999
etag: "d7347bcac5fc585b802d9be262c9536d0f72a498"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WZ5MqPZ-MEjDt3N53EIx1XrerDmUkyvK-5FUXAmI29GXlGe6AaPqEg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:23:21 GMT
age: 32277
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.quickstart.africa/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.1
80.241.213.35 200 OK 11 kB URL HTTP/1.1 www.quickstart.africa/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.1
IP 80.241.213.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f73dbc0fc3d196647ddc1e30450989d4
75d0a1414a5d350ba426dc37333a6ea131f66753
2a6954b3ccf01567c0c0c2911dd8b02c1cd264fc78178cef2eef6a6796c16c3f
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.1 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Sun, 25 Mar 2018 11:55:12 GMT
Accept-Ranges: bytes
Content-Length: 107534
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Mon, 20 Mar 2023 07:32:19 GMT
Age: 85739
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83b411d866428669d03b1976161389e7
7ea69307d21876d48217e4845204c7cc84db101e
461a26b9fcda639f3935a9355cbe12f49a17e4eb754281fa9468317ec40eccce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9160
x-amzn-requestid: 8f8a7d81-ac5e-4992-a0cf-95b3c9791bc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEW3qFRnIAMFZBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641804fd-64acec7844b88457144b35ce;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:02:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: nXc8T4YB4Rfq6CIt6rCUV94uQ61TMPabrrHpBOX74N0wFhlk0BNRjA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:44:58 GMT
etag: "7ea69307d21876d48217e4845204c7cc84db101e"
content-type: image/jpeg
age: 84980
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150 200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 01b690964dee95d05c2514fbd8e0ca10
7095b979dd9ac6675ae4d1cf0130826045e03266
254b3294433c758c9591b6cba0e31d8453a6eec372af315d0f39056d020a6acd
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Tue, 21 Mar 2023 07:13:52 GMT
age: 446
last-modified: Fri, 17 Mar 2023 16:36:59 GMT
etag: "1679071019113"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0e5cb0b321323913460ba1efd6b7b63
701eb0eb86c6673bbb6e85cf933bea53187b6048
150d0e93b808b222fcb4b58f0f4a78a403517b84461cb3029fc71c30930bb11b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4712
x-amzn-requestid: 3c0b3a28-a1a9-4ba0-94ad-29156c2d83c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9yGEE8SIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641563c0-1937b8bc1e42142720eddd7b;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:09:52 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: a-jsgTjZQKzBK_IFEYlrxbjpk6zou_7vbQe4ptwA1IOtUdlqDG2uWA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:24:07 GMT
age: 32231
etag: "701eb0eb86c6673bbb6e85cf933bea53187b6048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.quickstart.africa/wp-content/uploads/2020/11/QSAL-Profile-22-1.png
80.241.213.35 200 OK 22 kB URL HTTP/1.1 www.quickstart.africa/wp-content/uploads/2020/11/QSAL-Profile-22-1.png
IP 80.241.213.35:0
File type PNG image data, 200 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash e1e990a41784fc4195793f3c7428abb0
2dbfef91818aa606be4b7434ff56a6b1bb2084ed
540fb23c8acbb9856aec004091f71ce8099586a7c316e310c50643802733b6a9
GET /wp-content/uploads/2020/11/QSAL-Profile-22-1.png HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Thu, 19 Nov 2020 11:40:46 GMT
Accept-Ranges: bytes
Content-Length: 22339
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.quickstart.africa/wp-content/themes/expeditor/images/1920x684_bg.jpg
80.241.213.35 200 OK 217 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/images/1920x684_bg.jpg
IP 80.241.213.35:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x684, components 3\012- data
Size 217 kB (217394 bytes)
Hash fa5d9e32fc6cdd92e7386a661fd9b33d
a1bc3ad31b1b3f631c96029acb554b9271d7243d
e431054d9ba847245199a8e348bf8896f8dc2491f6da17de3e43d5712970f8a2
GET /wp-content/themes/expeditor/images/1920x684_bg.jpg HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:24:54 GMT
Accept-Ranges: bytes
Content-Length: 217394
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Hash b4a68b1e743ee317eaaf0bbadd131571
f24f7823d4e3830c7cfa5bcb33733d2897c00f13
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.quickstart.africa
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 17 Mar 2023 08:38:41 GMT
expires: Sat, 16 Mar 2024 08:38:41 GMT
cache-control: public, max-age=31536000
age: 340957
last-modified: Mon, 11 Jul 2022 18:55:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150 200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1250), with no line terminators
Hash 6e9207f14bc4e1dacd75ae700db68d24
83e39f11d653a520e625f85ee1bfc792dfcb0252
18dc7a0b3c12d96a4a26b31a47e0bdf22509ec2727eabbba9457dc9102c30044
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1250
via: 1.1 google
date: Tue, 21 Mar 2023 07:05:21 GMT
age: 957
last-modified: Fri, 17 Mar 2023 16:36:48 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
35.241.9.150 200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators
Hash 15fac2acaa5e46514ba26b94c9120bb3
84ad721feea570de94a40fec3d0e176937829f4e
fa5eb055710eff6d1f9a27b71a6424ee6213bb4b5243da7cc1b1470270ad95c8
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1742
via: 1.1 google
date: Tue, 21 Mar 2023 06:58:49 GMT
age: 1349
last-modified: Fri, 17 Mar 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
35.241.9.150 200 OK 2.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators
Hash 8433183bfaa3cc12d07724843f7b08ac
8583ff32a05d04833f0c9f1e0ea8b95571a7367c
8fffd47f59b9894dd9703fefb151b4047d99bf8d6d844c1f7302633da2d9d1cf
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2387
via: 1.1 google
date: Tue, 21 Mar 2023 06:46:32 GMT
age: 2086
last-modified: Fri, 17 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2
142.250.74.163 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20608, version 1.0\012- data
Hash 56573cfb638f35b191c36b5ad69a55e8
61b97f2670054092c49209678a2dd11d4d12a709
36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026
GET /s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.quickstart.africa
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 01:09:10 GMT
expires: Fri, 15 Mar 2024 01:09:10 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 24 Jun 2022 19:46:35 GMT
content-type: font/woff2
age: 454328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1678995079480&_since=%221666279968541%22
35.241.9.150 200 OK 91 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1678995079480&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 380c322f5e513af794f85091c761edce
f6058114c19e93f4e591b8b07e0bcfb6d379e001
779ec481a38a9d2d2cf9ad9da31a9b6836caf095ea7604814d0079e9df26303d
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1678995079480&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 91429
via: 1.1 google
date: Tue, 21 Mar 2023 07:11:36 GMT
age: 582
last-modified: Thu, 16 Mar 2023 19:31:19 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.quickstart.africa/wp-content/themes/expeditor/font/alarm.woff?11759646
80.241.213.35 200 OK 284 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/font/alarm.woff?11759646
IP 80.241.213.35:0
File type Web Open Font Format, TrueType, length 284328, version 1.0\012- data
Size 284 kB (284328 bytes)
Hash f0c2e8d37e68bcf0cbd9b1f8e1779b2d
a0e8ddfc1cc3abeb3288d240c4aa93f58cfb8430
9aebcb40b2ed89473159b1b626f4f60ae068ea3430ab571858a5c9d9f890c742
GET /wp-content/themes/expeditor/font/alarm.woff?11759646 HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.quickstart.africa/wp-content/themes/expeditor/css/fontello.css?ver=5.9.5
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:24:52 GMT
Accept-Ranges: bytes
Content-Length: 284328
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: font/woff
www.quickstart.africa/wp-content/themes/expeditor/font/Linearicons.ttf
80.241.213.35 200 OK 498 kB URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/font/Linearicons.ttf
IP 80.241.213.35:0
File type TrueType Font data, 12 tables, 1st "GSUB", 24 names, Macintosh\012- data
Size 498 kB (498156 bytes)
Hash f6e2e9c30040079ab5b2bdc94f0a3289
dcb1a930a2896228f5075397e4fdc5afc1c0699b
97af2f6b511991503bee0d894553692d209292ea2cbc562006f4771513078399
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/expeditor/font/Linearicons.ttf HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/wp-content/themes/expeditor/font/demo-files/demo.css?ver=5.9.5
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:18 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:24:48 GMT
Accept-Ranges: bytes
Content-Length: 498156
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: font/ttf
www.quickstart.africa/wp-content/uploads/2020/11/cropped-QSAL-Profile-22-192x192.png
80.241.213.35 200 OK 51 kB URL HTTP/1.1 www.quickstart.africa/wp-content/uploads/2020/11/cropped-QSAL-Profile-22-192x192.png
IP 80.241.213.35:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash feae08f2a76a150f4c27f90118710ccc
174a2695a87818430cdf0cb92f6401dd0e2f401f
401b5cc97aab6907d9507143d94ce7f731ebdd11dc98178b82965003b99b3400
GET /wp-content/uploads/2020/11/cropped-QSAL-Profile-22-192x192.png HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:19 GMT
Server: Apache
Last-Modified: Fri, 13 Nov 2020 06:01:01 GMT
Accept-Ranges: bytes
Content-Length: 50875
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
www.quickstart.africa/wp-content/uploads/2020/11/cropped-QSAL-Profile-22-32x32.png
80.241.213.35 200 OK 2.2 kB URL HTTP/1.1 www.quickstart.africa/wp-content/uploads/2020/11/cropped-QSAL-Profile-22-32x32.png
IP 80.241.213.35:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 43cd9556f96e2b928dbff831cb16fbe7
f8897401fee8d234343d32149bc0f7f78b0b4a61
012c4dfee670f5e8813dc84ccb2561471217fc1ab7b8add027fd084976176f50
GET /wp-content/uploads/2020/11/cropped-QSAL-Profile-22-32x32.png HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:19 GMT
Server: Apache
Last-Modified: Fri, 13 Nov 2020 06:01:01 GMT
Accept-Ranges: bytes
Content-Length: 2231
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/png
www.google-analytics.com/analytics.js
142.250.74.78 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 21 Mar 2023 06:12:29 GMT
expires: Tue, 21 Mar 2023 08:12:29 GMT
cache-control: public, max-age=7200
age: 4130
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
35.241.9.150 200 OK 25 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (25354), with no line terminators
Hash 350cfa5488b9cfce345b6410b04d5307
fc3ee8d31aa9ba9353beff9a42c93855da3bf5e9
103e8b0147854a1236e477dd5e951246463f098592a5549560c20fc98d8c1f35
GET /v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 25354
via: 1.1 google
date: Tue, 21 Mar 2023 06:36:20 GMT
age: 2699
last-modified: Wed, 15 Mar 2023 23:21:25 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.138 200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.138:0
File type JSON data\012- , ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.quickstart.africa
Connection: keep-alive
Referer: https://www.quickstart.africa/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 21 Mar 2023 07:21:19 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.quickstart.africa
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.quickstart.africa/wp-content/uploads/2020/11/QSAL-Profile-22-1.png
80.241.213.35 200 OK 534 B URL HTTP/1.1 www.quickstart.africa/wp-content/uploads/2020/11/QSAL-Profile-22-1.png
IP 80.241.213.35:0
File type gzip compressed data, max compression\012- data
Hash 62a64f8bc8be2390593e59c53ff65f2a
c24ddc77a8bbbe27f822dd12455108f8a6bd93a2
3f006061685533e0e52deecfb6b9f19c3df452815c6c1977fac80c10d4598271
HEAD /wp-content/uploads/2020/11/QSAL-Profile-22-1.png HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:19 GMT
Server: Apache
Last-Modified: Thu, 19 Nov 2020 11:40:46 GMT
Accept-Ranges: bytes
Content-Length: 22339
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
www.quickstart.africa/wp-content/themes/expeditor/images/1920x684_bg.jpg
80.241.213.35 200 OK 0 B URL HTTP/1.1 www.quickstart.africa/wp-content/themes/expeditor/images/1920x684_bg.jpg
IP 80.241.213.35:0
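Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of zero-length input: the request for this entry is a HEAD and 0 B of body was captured, so they identify no file and are not usable as indicators.)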
HEAD /wp-content/themes/expeditor/images/1920x684_bg.jpg HTTP/1.1
Host: www.quickstart.africa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.quickstart.africa/afcu/login.php?online_id=1ef996cf47e1890ed167dc9c6&country&iso
Cookie: request_a_quote_wp_session=87c108ea938040d3e34d4803a2049a49%7C%7C1679385077%7C%7C1679384717
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 07:21:19 GMT
Server: Apache
Last-Modified: Mon, 12 Jun 2017 14:24:54 GMT
Accept-Ranges: bytes
Content-Length: 217394
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150 200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 2c6deb199b3a43e62e4423bde1127c13
3bdb809be246e6a226ab6af05e6cb7ecca621d7d
200bc6608eaa3cdb6d274d84655ac94f1d1d5f33249c2d33a0155629900ce507
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Tue, 21 Mar 2023 06:37:10 GMT
age: 2649
last-modified: Wed, 15 Mar 2023 16:36:49 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66 200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 783
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Tue, 21 Mar 2023 07:21:19 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F710)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.quickstart.africa
93.184.220.66 200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.quickstart.africa
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size 105 kB (105435 bytes)
Hash 58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789
GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.quickstart.africa HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 469712
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 21 Mar 2023 07:21:19 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amz-server-side-encryption: AES256
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
35.241.9.150 200 OK 7.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (6983), with no line terminators
Hash 8b0e25726c8d69725ce442720dcb9c73
368d1066618b7b58eef950678c049597dce1a684
675d5bc828861769400422bb578ff205e372ae256f6f99d8e2a044c3dced89a1
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6983
via: 1.1 google
date: Tue, 21 Mar 2023 07:17:20 GMT
age: 239
last-modified: Tue, 14 Mar 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
35.241.9.150 200 OK 1.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1646), with no line terminators
Hash 5e0b2f2021b2915601109ecf465ca847
355f9134ceb911cb0da21eddf967d9edfd761944
a9228da80814729860b40ead593f5eabfbff0a23eb34ac5cff56c033fe67d484
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1646
via: 1.1 google
date: Tue, 21 Mar 2023 06:37:11 GMT
age: 2648
last-modified: Mon, 13 Mar 2023 19:48:27 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95 200 OK 313 B IP 192.229.221.95:0
Hash c01275790e785403dc61efb1c90a5307
881292e7cbd515016ce47fced9df03e879cc2fe9
6033d7ca0c89cb855ece2819dc0c23f8324971fe79be535fe3bd452b970b3cd7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5997
Cache-Control: max-age=164995
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:21:19 GMT
Etag: "64192505-139"
Expires: Thu, 23 Mar 2023 05:11:14 GMT
Last-Modified: Tue, 21 Mar 2023 03:31:17 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 313
syndication.twitter.com/settings?session_id=2982f1ebc0bd9862564af8696411c20ab45dbc3e
104.244.42.200 200 OK 284 B URL HTTP/2 syndication.twitter.com/settings?session_id=2982f1ebc0bd9862564af8696411c20ab45dbc3e
IP 104.244.42.200:0
File type JSON data\012- , ASCII text, with very long lines (663), with no line terminators
Hash 8792f18dcb406af2be326e0dd816eed7
d1ad89d9036b3985071b394706514862f7c687ce
19640da1d34fa31a031d58d27be6408f6703dddc3c4495f72d55a60f518b7cba
GET /settings?session_id=2982f1ebc0bd9862564af8696411c20ab45dbc3e HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:21:19 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Tue, 21 Mar 2023 07:21:19 GMT
content-length: 284
content-encoding: gzip
x-transaction-id: 5948ddc5cd01f94d
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 111
x-connection-hash: a4fe191bc46e7680a61085e21fa4577c5ba2b2bcda0409786abc4e76f34fe1c7
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150 200 OK 0 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 934
via: 1.1 google
date: Tue, 21 Mar 2023 07:02:02 GMT
age: 1157
last-modified: Wed, 15 Mar 2023 16:36:48 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat
142.250.74.138 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat
IP 142.250.74.138:0
GET /css?family=Montserrat HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.quickstart.africa/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 21 Mar 2023 07:21:18 GMT
date: Tue, 21 Mar 2023 07:21:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2