r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4085
Expires: Thu, 24 Nov 2022 21:03:09 GMT
Date: Thu, 24 Nov 2022 19:55:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3127
Cache-Control: max-age=142093
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:05 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:23:18 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 19:18:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2166
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6051
Expires: Thu, 24 Nov 2022 21:35:56 GMT
Date: Thu, 24 Nov 2022 19:55:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N1zfAkIMDQ6AN0prB9uJvtkO2J3gsyQmgwsEC1V6HeGRSl2xVK3j8Kvsmkqjgh/X9TfM6ktQsn4=
x-amz-request-id: 9FMGQP5R1SDCSMS0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 19:40:31 GMT
age: 874
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
mohamedhamada.net/
198.54.115.176301 Moved Permanently 707 B IP 198.54.115.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 24 Nov 2022 19:55:04 GMT
server: LiteSpeed
location: https://mohamedhamada.net/
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 19:11:11 GMT
cache-control: public,max-age=3600
age: 2634
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ce2efcf79e16ce09d37e692ad4494efc
7b31ffe830382290fb0774e77961abb9fc471a89
43aa8451da91d6514b00d0745375a4e24901c8495c2c198c69e465c6e8920460
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:55:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 01:38:39 GMT
Expires: Wed, 30 Nov 2022 01:38:38 GMT
Etag: "7b31ffe830382290fb0774e77961abb9fc471a89"
Cache-Control: max-age=452012,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f4b33f6af6b4e8-OSL
mohamedhamada.net/
198.54.115.176301 Moved Permanently 0 B IP 198.54.115.176:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.1.33
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://www.mohamedhamada.net/
x-litespeed-cache: hit
content-length: 0
date: Thu, 24 Nov 2022 19:55:05 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6542
Cache-Control: max-age=140446
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:05 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:55:51 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.216.88.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.88.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: caYnWStWACtuQCMrrJ8Iig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EWxipHwbS5jo2NRKWL4lbyGiEzw=
c0.wp.com/c/6.0.3/wp-includes/js/wp-util.min.js
192.0.77.37200 OK 927 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/wp-util.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (1305)
Hash 8de23205b5a2e3b172ba6fa4d4a27ca5
d2855e812110bc2ff9ea2201e067a25a2e1552f5
0e9ee79b077f4bf429baecf7f7dc882bae8b12e368fe0d62129f0fd5cd9fa96a
GET /c/6.0.3/wp-includes/js/wp-util.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 19:55:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 2.9 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 8da19c5f0ac24e11b4fea8af073f0f8b
c198bc80ec6ab01f65d74b3f20671274dde77df4
88eaac253925129d30367719d07c635dc6f8cd6ccb51737cd0e09a37829902a6
GET /c/6.0.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 19:55:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/6.3.1/firebase-auth.js
142.250.74.163200 OK 51 kB URL HTTP/2 www.gstatic.com/firebasejs/6.3.1/firebase-auth.js
IP 142.250.74.163:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash da0b117ea31cb78f52654b4962a2153f
7a0264cc5ea035e0799b4a55b8d2d72e8cdd7f1d
e647dd19ffa98f9ddaa85987767a926e80ef0b34f387670df19cc672c755dcf4
GET /firebasejs/6.3.1/firebase-auth.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 51194
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 06:32:42 GMT
expires: Sun, 19 Nov 2023 06:32:42 GMT
cache-control: public, max-age=31536000
age: 480144
last-modified: Fri, 19 Jul 2019 00:25:50 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/6.3.1/firebase-firestore.js
142.250.74.163200 OK 95 kB URL HTTP/2 www.gstatic.com/firebasejs/6.3.1/firebase-firestore.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0e8f47ea6303e97e66f8f668d70080a7
7a6b40903def5b751022c7bb18fc132702b14b76
ada3ae704242f47269177e09899a879129a930aacb0fe4dc86deb846903a5800
GET /firebasejs/6.3.1/firebase-firestore.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 94878
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 20:29:37 GMT
expires: Thu, 23 Nov 2023 20:29:37 GMT
cache-control: public, max-age=31536000
age: 84329
last-modified: Fri, 19 Jul 2019 00:25:49 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/6.3.1/firebase-app.js
142.250.74.163200 OK 5.2 kB URL HTTP/2 www.gstatic.com/firebasejs/6.3.1/firebase-app.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (15544)
Hash 4604b23b9037fe8a890678bdccc071f9
7679b41a4eb98f3fb157f8aac5623f4d9b4c1676
0ae835fa12891b53e900d7e8a367fd000d15bd1f02ac4407957e8480c5d13660
GET /firebasejs/6.3.1/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 5202
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:01 GMT
expires: Thu, 23 Nov 2023 18:51:01 GMT
cache-control: public, max-age=31536000
age: 90245
last-modified: Fri, 19 Jul 2019 00:25:50 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.mohamedhamada.net/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
198.54.115.176200 OK 42 kB URL HTTP/2 www.mohamedhamada.net/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0
IP 198.54.115.176:0
File type ASCII text, with very long lines (65358)
Hash a42125daa1bf4835bd80f616b2f538ec
f6fbf48eec4c1e3d203d713ce29aa7e8a3742305
cf455434a5ed07a1fafa1052cd1fb1fa750957d2d25cec8284743d41179c8040
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0 HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: text/css
last-modified: Wed, 31 Mar 2021 16:14:07 GMT
etag: "76828-60649fcf-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 42005
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/plugins/wp-review/public/css/wp-review.css?ver=5.3.5
198.54.115.176200 OK 5.9 kB URL HTTP/2 www.mohamedhamada.net/wp-content/plugins/wp-review/public/css/wp-review.css?ver=5.3.5
IP 198.54.115.176:0
File type Unicode text, UTF-8 text, with very long lines (406)
Hash fd3881bea115cb3c80fad6e4435049ad
49fbeb55fb4d4be5eadbaa472257a6d942be60e4
5abd2974ee9d33d67beea193f8310232e57658e9dc59fe6b580c76e630d89e83
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wp-review/public/css/wp-review.css?ver=5.3.5 HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: text/css
last-modified: Fri, 09 Apr 2021 13:02:18 GMT
etag: "92f1-6070505a-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5858
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/bs-booster-cache/e0fc932525197e0e1759e532f9eec96e.css
198.54.115.176200 OK 12 kB URL HTTP/2 www.mohamedhamada.net/wp-content/bs-booster-cache/e0fc932525197e0e1759e532f9eec96e.css
IP 198.54.115.176:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 04732b788e1c40cb1276eb7a8d56d777
9ddb8ca43f90f889b0c8b0ee84cf24266b93ec1e
77ce4be1112fd5c966f6287ee3b1671b24309f3c449e92ddfb3724b2dbf7f194
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/bs-booster-cache/e0fc932525197e0e1759e532f9eec96e.css HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 13:21:36 GMT
etag: "22194-631354e0-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12132
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14772
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:55:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14772
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:55:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14772
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:55:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14772
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 19:55:07 GMT
Connection: keep-alive
c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 31 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (65447)
Hash 989afb2eaa7d21a22404322853db6e44
8a52340eb502499f434afc0a7904b3b8066315e8
490e324f2ce9e1d9d2a5a386b0b7f9b9acd34e8d905567357ae57a1d2eeee6e1
GET /c/6.0.3/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 19:55:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 79067
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 79520
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 78673
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 11 kB URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (11126)
Hash 52ced9ff85e09b002185b1ce0c8cca4f
aead0d784bd677dc5ba01912602312b619712c54
c001f2889e8b5c571796f034cc0f4a87157c951a98f3af2fbdbd1f3826c5f4a1
GET /c/6.0.3/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 19:55:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 45660
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/10.4/css/jetpack-rtl.css
192.0.77.37200 OK 24 kB URL HTTP/2 c0.wp.com/p/jetpack/10.4/css/jetpack-rtl.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (18462)
Hash bded2bc9d830444c651e3738297fa28c
514688dc03773ca11288412c35e3bf466d4ca821
5a3c1bb79e9976e6e6a10f88ddf67fd81f3364a2b1d7b62fd9e0b9b88e8bd7da
GET /p/jetpack/10.4/css/jetpack-rtl.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 16 Nov 2021 17:11:24 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 19:55:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=2d4bf43f398489795f1893179047a63c
198.54.115.176200 OK 2.9 kB URL HTTP/2 www.mohamedhamada.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=2d4bf43f398489795f1893179047a63c
IP 198.54.115.176:0
File type ASCII text, with very long lines (8983), with no line terminators
Hash 386595bd1c976395361d50b1aca06b6e
d10524a0f2fc8a14e3521b95596b7561e946e22c
942ff94981bd40a6b0d2a268a4b50bf06c1e8b3bd2d384e958c841168b940c7f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=2d4bf43f398489795f1893179047a63c HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: application/x-javascript
last-modified: Wed, 22 Dec 2021 18:45:04 GMT
etag: "2317-61c37230-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2894
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=1c8bb5930b723e669774487342a8fa98
198.54.115.176200 OK 897 B URL HTTP/2 www.mohamedhamada.net/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=1c8bb5930b723e669774487342a8fa98
IP 198.54.115.176:0
File type ASCII text, with very long lines (2341), with no line terminators
Hash 568ee85c8981cafb03ccee4be1ee9ad4
80a9a95d578b51026b81240a83b90c8850a07ba0
ad2a222fe08a70013834239540352a7c57474ba5ba0db49bdf35a2ccaf75fcfc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=1c8bb5930b723e669774487342a8fa98 HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: application/x-javascript
last-modified: Wed, 22 Dec 2021 18:45:04 GMT
etag: "925-61c37230-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 897
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/plugins/wp-review/public/js/js.cookie.min.js?ver=2.1.4
198.54.115.176200 OK 787 B URL HTTP/2 www.mohamedhamada.net/wp-content/plugins/wp-review/public/js/js.cookie.min.js?ver=2.1.4
IP 198.54.115.176:0
File type ASCII text, with very long lines (1694)
Hash 20e302129290102b901d42592d6ff68f
3832dcab7e9e2c87e44ef96ddea230ee337c0fdf
182cc4c4e5abc0ef5bef17e301cd6a3f24f6be63dbf46372edff33b737102cd4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wp-review/public/js/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: application/x-javascript
last-modified: Fri, 09 Apr 2021 13:02:18 GMT
etag: "69f-6070505a-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 787
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/plugins/wp-review/public/js/main.js?ver=5.3.5
198.54.115.176200 OK 1.0 kB URL HTTP/2 www.mohamedhamada.net/wp-content/plugins/wp-review/public/js/main.js?ver=5.3.5
IP 198.54.115.176:0
Hash b56aa3fd5c0dfb9e8ce93fbfdde7f849
cc78b57cc5dbcb4de41ec567268f84ed69e79f3e
4819865da533472cd4b08e8f60bc94109f7568525d2eed6252c1a0cee1a37da5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wp-review/public/js/main.js?ver=5.3.5 HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: application/x-javascript
last-modified: Fri, 09 Apr 2021 13:02:18 GMT
etag: "bdb-6070505a-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1035
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/uploads/2019/04/Artboard-1@72x-1.png
198.54.115.176200 OK 85 kB URL HTTP/2 www.mohamedhamada.net/wp-content/uploads/2019/04/Artboard-1@72x-1.png
IP 198.54.115.176:0
File type PNG image data, 2690 x 701, 8-bit/color RGBA, non-interlaced\012- data
Hash 54985db76fe501d98b2ddbc51f501e5a
0d91b3d3bcdfa73bcab69b4f8e736e14a9ddf440
5d2f3de17a07214d7cbf974a8e76ccc8f472dc6ee710e51d1e74cf71caf76697
GET /wp-content/uploads/2019/04/Artboard-1@72x-1.png HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: image/png
last-modified: Sun, 07 Apr 2019 20:16:57 GMT
etag: "14bc4-5caa5ab9-0;;;"
accept-ranges: bytes
content-length: 84932
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
198.54.115.176200 OK 4.6 kB URL HTTP/2 www.mohamedhamada.net/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 198.54.115.176:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: application/x-javascript
last-modified: Sat, 03 Sep 2022 13:20:45 GMT
etag: "48b9-631354ad-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
198.54.115.176200 OK 5.6 kB URL HTTP/2 www.mohamedhamada.net/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0
IP 198.54.115.176:0
File type ASCII text, with very long lines (20418)
Hash c15318397253a9f8bc4e80fc9be51955
543b224eb0fce0d85b1290a1e20c3b2415be3a22
2d67bfb3628d93c140d563b4bc572f54da1e330fb8d54ff9035214607a5bde6d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0 HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: application/x-javascript
last-modified: Wed, 31 Mar 2021 16:14:07 GMT
etag: "509d-60649fcf-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5560
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/bs-booster-cache/fc7b744085fd4eacaac9289ef9ff3951.js?ver=6.0.3
198.54.115.176200 OK 86 kB URL HTTP/2 www.mohamedhamada.net/wp-content/bs-booster-cache/fc7b744085fd4eacaac9289ef9ff3951.js?ver=6.0.3
IP 198.54.115.176:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (32071)
Hash fdacd9d0515db10b5c7a70ab19dde4cb
7ed9399bf761ef06df42ca78876668ad94fca305
4d5105670204ab4918bef4714bd83c9705daba0418e34aad7ea35f4f4264cbbc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/bs-booster-cache/fc7b744085fd4eacaac9289ef9ff3951.js?ver=6.0.3 HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: application/x-javascript
last-modified: Fri, 30 Apr 2021 22:53:43 GMT
etag: "3ead9-608c8a77-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 85833
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mohamedhamada.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 87659
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mohamedhamada.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 107255
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mohamedhamada.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 90078
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i0.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%AA-%D8%A7%D9%84%D9%84%D9%87-%D9%85dsds%D8%A7%D9%84%D8%AF-%D9%88-%D8%A3.-%D8%AF_-%D9%85%D8%AD%D9%85%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001.png?resize=1130%2C580&ssl=1
192.0.77.2200 OK 392 kB URL HTTP/2 i0.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%AA-%D8%A7%D9%84%D9%84%D9%87-%D9%85dsds%D8%A7%D9%84%D8%AF-%D9%88-%D8%A3.-%D8%AF_-%D9%85%D8%AD%D9%85%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001.png?resize=1130%2C580&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 392 kB (392134 bytes)
Hash 455ab1d90544c41e64386477a231dca2
6e6dcbc50578986300362364ea7d1d7b5da393d1
0545eb54ee87ef4094ff13cd60806de0514ae150e88383b62385149a1be7a4b5
GET /www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%AA-%D8%A7%D9%84%D9%84%D9%87-%D9%85dsds%D8%A7%D9%84%D8%AF-%D9%88-%D8%A3.-%D8%AF_-%D9%85%D8%AD%D9%85%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001.png?resize=1130%2C580&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:07 GMT
content-type: image/webp
content-length: 392134
last-modified: Wed, 23 Nov 2022 12:24:00 GMT
expires: Sat, 23 Nov 2024 00:24:00 GMT
cache-control: public, max-age=63115200
link: <https://www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%AA-%D8%A7%D9%84%D9%84%D9%87-%D9%85dsds%D8%A7%D9%84%D8%AF-%D9%88-%D8%A3.-%D8%AF_-%D9%85%D8%AD%D9%85%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001.png>; rel="canonical"
x-content-type-options: nosniff
etag: "981a3e2307a501b7"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A10.4&blog=159079964&post=604&tz=0&srv=www.mohamedhamada.net&host=www.mohamedhamada.net&ref=&fcp=0&rand=0.7850507290188469
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A10.4&blog=159079964&post=604&tz=0&srv=www.mohamedhamada.net&host=www.mohamedhamada.net&ref=&fcp=0&rand=0.7850507290188469
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A10.4&blog=159079964&post=604&tz=0&srv=www.mohamedhamada.net&host=www.mohamedhamada.net&ref=&fcp=0&rand=0.7850507290188469 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:07 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/bs-icons.woff
198.54.115.176200 OK 14 kB URL HTTP/2 www.mohamedhamada.net/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/bs-icons.woff
IP 198.54.115.176:0
File type Web Open Font Format, CFF, length 13852, version 1.0\012- data
Hash 7b3b5f7ada337a9a61df97550c2d6c64
fbc1335ac8b6513f8dca47d0af28381b7d1261cd
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/bs-icons.woff HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.mohamedhamada.net/wp-content/bs-booster-cache/f5cad192bc625270cf61ebb0b2709674.css
Connection: keep-alive
Cookie: _gcl_au=1.1.1982877629.1669319707
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:07 GMT
content-type: application/font-woff
etag: "361c-608c8a68-0;;;"
accept-ranges: bytes
content-length: 13852
date: Thu, 24 Nov 2022 19:55:07 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
i1.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-1.jpg?resize=1130%2C580&ssl=1
192.0.77.2200 OK 44 kB URL HTTP/2 i1.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-1.jpg?resize=1130%2C580&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1130x580, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 74411b9e5947c7a24b52a25d9dc12ebc
b7d01822cefaf5c617a71ae66ab209a13a309133
19f0d20a63d8ce8d064df83f805c84e8701acdd2dd54ccf442df3d81221cf172
GET /www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-1.jpg?resize=1130%2C580&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: image/webp
content-length: 43780
last-modified: Wed, 23 Nov 2022 12:24:07 GMT
expires: Sat, 23 Nov 2024 00:24:07 GMT
cache-control: public, max-age=63115200
link: <https://www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "83163363d05df8d5"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault.jpg?resize=1130%2C580&ssl=1
192.0.77.2200 OK 35 kB URL HTTP/2 i1.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault.jpg?resize=1130%2C580&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1130x580, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e232d2b603471c9b43eb2adad58f00e
ce059411107e5db0faf533e81a90ba341cfca1f9
36db0c02d38a24b25d185130c7751de7c5ac3e43a34729ca7122e84e59918598
GET /www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault.jpg?resize=1130%2C580&ssl=1 HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: image/webp
content-length: 34794
last-modified: Wed, 23 Nov 2022 12:24:07 GMT
expires: Sat, 23 Nov 2024 00:24:07 GMT
cache-control: public, max-age=63115200
link: <https://www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4b42018e9f816179"
vary: Accept
x-nc: MISS arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%B3%D9%8A%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001.png?resize=1130%2C580&ssl=1
192.0.77.2200 OK 428 kB URL HTTP/2 i2.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%B3%D9%8A%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001.png?resize=1130%2C580&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 428 kB (427458 bytes)
Hash ca962388e00949d350fbada390f4307c
e247ec826996c9689ca1fd8399a270a0851e2327
fd4149a6beb8bc4714195af1800e163215c706b7bc09d48b6ba19c79f66b0d2a
GET /www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%B3%D9%8A%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001.png?resize=1130%2C580&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: image/webp
content-length: 427458
last-modified: Wed, 23 Nov 2022 12:24:08 GMT
expires: Sat, 23 Nov 2024 00:24:08 GMT
cache-control: public, max-age=63115200
link: <https://www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%B3%D9%8A%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001.png>; rel="canonical"
x-content-type-options: nosniff
etag: "8378625293625be8"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/uploads/2019/02/Artboard-%D9%A1.jpg
198.54.115.176200 OK 876 kB URL HTTP/2 www.mohamedhamada.net/wp-content/uploads/2019/02/Artboard-%D9%A1.jpg
IP 198.54.115.176:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 2000x2000, segment length 16, baseline, precision 8, 5667x1500, components 3\012- data
Size 876 kB (876152 bytes)
Hash a8c7a1c653eb5a788f6d3dc009c0c7d2
95915415a6b09d20b182384f78e84593d8629b3a
d43f211ef2e4cd96e9c16e045903450e479f4defbe10f0f83888d0e695d7724e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/02/Artboard-%D9%A1.jpg HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: image/jpeg
last-modified: Sun, 17 Feb 2019 20:47:50 GMT
etag: "d5e78-5c69c876-0;;;"
accept-ranges: bytes
content-length: 876152
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
198.54.115.176200 OK 77 kB URL HTTP/2 www.mohamedhamada.net/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 198.54.115.176:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.mohamedhamada.net/wp-content/bs-booster-cache/f5cad192bc625270cf61ebb0b2709674.css
Connection: keep-alive
Cookie: _gcl_au=1.1.1982877629.1669319707
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:07 GMT
content-type: application/font-woff2
etag: "12d68-608c8a68-0;;;"
accept-ranges: bytes
content-length: 77160
date: Thu, 24 Nov 2022 19:55:07 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
i0.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/11/%D8%B9%D9%84%D8%A7%D8%AC-%D8%A7%D9%84%D8%A7%D9%85-%D8%A8%D8%B7%D8%A7%D9%86%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85-2.png?resize=1130%2C580&ssl=1
192.0.77.2200 OK 438 kB URL HTTP/2 i0.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/11/%D8%B9%D9%84%D8%A7%D8%AC-%D8%A7%D9%84%D8%A7%D9%85-%D8%A8%D8%B7%D8%A7%D9%86%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85-2.png?resize=1130%2C580&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 438 kB (438170 bytes)
Hash 97e19ec364c0189df2607d0ac8f823ed
0cd9b76d4aefbe365b7b4be1a6b72b8bd6be0662
6da4390dea76ba797305d4b05321c8ea7718d1d3dfec487e5ce9803c3b330607
GET /www.mohamedhamada.net/wp-content/uploads/2021/11/%D8%B9%D9%84%D8%A7%D8%AC-%D8%A7%D9%84%D8%A7%D9%85-%D8%A8%D8%B7%D8%A7%D9%86%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85-2.png?resize=1130%2C580&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: image/webp
content-length: 438170
last-modified: Wed, 16 Nov 2022 12:02:11 GMT
expires: Sat, 16 Nov 2024 00:02:11 GMT
cache-control: public, max-age=63115200
link: <https://www.mohamedhamada.net/wp-content/uploads/2021/11/%D8%B9%D9%84%D8%A7%D8%AC-%D8%A7%D9%84%D8%A7%D9%85-%D8%A8%D8%B7%D8%A7%D9%86%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85-2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "15a43e56ce843579"
vary: Accept
x-nc: MISS arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/www.mohamedhamada.net/wp-content/uploads/2019/02/cropped-%D8%A7%D8%AE%D9%8A%D8%B1-2.png?fit=32%2C32&ssl=1
192.0.77.2200 OK 1.1 kB URL HTTP/2 i2.wp.com/www.mohamedhamada.net/wp-content/uploads/2019/02/cropped-%D8%A7%D8%AE%D9%8A%D8%B1-2.png?fit=32%2C32&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fb630896c48e9d18288029985af60efb
0d3f0c7c6dcdbfe472530724b016bb90983e383c
c08e796219d3f49624b8f775366e9d758180958b994c7ff746cea546894056aa
GET /www.mohamedhamada.net/wp-content/uploads/2019/02/cropped-%D8%A7%D8%AE%D9%8A%D8%B1-2.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: image/webp
content-length: 1104
last-modified: Sun, 13 Nov 2022 10:12:51 GMT
expires: Tue, 12 Nov 2024 22:12:51 GMT
cache-control: public, max-age=63115200
link: <https://www.mohamedhamada.net/wp-content/uploads/2019/02/cropped-%D8%A7%D8%AE%D9%8A%D8%B1-2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "3a3f757fb8f96ebc"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/732850639/?random=1669319707334&cv=11&fst=1669319707334&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.mohamedhamada.net%2F&tiba=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%A7%D9%84%D8%AF%D9%83%D8%AA%D9%88%D8%B1%20%D9%85%D8%AD%D9%85%D8%AF%20%D8%AD%D9%85%D8%A7%D8%AF%D8%A9%20%D9%84%D8%B9%D9%84%D8%A7%D8%AC&auid=1982877629.1669319707&data=event%3Dgtag.config&rfmt=3&fmt=4
216.58.207.194200 OK 954 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/732850639/?random=1669319707334&cv=11&fst=1669319707334&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.mohamedhamada.net%2F&tiba=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%A7%D9%84%D8%AF%D9%83%D8%AA%D9%88%D8%B1%20%D9%85%D8%AD%D9%85%D8%AF%20%D8%AD%D9%85%D8%A7%D8%AF%D8%A9%20%D9%84%D8%B9%D9%84%D8%A7%D8%AC&auid=1982877629.1669319707&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (2323), with no line terminators
Hash ceede9f0ed6400c5a1386428dc674412
cbe3f6bb6421cb6c994c489eb857335ded66c210
c755a7ed0e47d5b88b446835de4d0374ff8a5952bb434c903ed3f314576582e6
GET /pagead/viewthroughconversion/732850639/?random=1669319707334&cv=11&fst=1669319707334&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.mohamedhamada.net%2F&tiba=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%A7%D9%84%D8%AF%D9%83%D8%AA%D9%88%D8%B1%20%D9%85%D8%AD%D9%85%D8%AF%20%D8%AD%D9%85%D8%A7%D8%AF%D8%A9%20%D9%84%D8%B9%D9%84%D8%A7%D8%AC&auid=1982877629.1669319707&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 19:55:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 954
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 20:10:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i2.wp.com/www.mohamedhamada.net/wp-content/uploads/2019/02/cropped-%D8%A7%D8%AE%D9%8A%D8%B1-2.png?fit=192%2C192&ssl=1
192.0.77.2200 OK 8.9 kB URL HTTP/2 i2.wp.com/www.mohamedhamada.net/wp-content/uploads/2019/02/cropped-%D8%A7%D8%AE%D9%8A%D8%B1-2.png?fit=192%2C192&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6caefc2f02dc6330f2c33f94c47f5be4
8a7bff5152cdb7c6c73891c6503acd88e375df11
31bf141a4ad4329451609656baed911904b58aa2d594d80d7aba17406d2ca15e
GET /www.mohamedhamada.net/wp-content/uploads/2019/02/cropped-%D8%A7%D8%AE%D9%8A%D8%B1-2.png?fit=192%2C192&ssl=1 HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: image/webp
content-length: 8858
last-modified: Mon, 21 Nov 2022 18:02:23 GMT
expires: Thu, 21 Nov 2024 06:02:23 GMT
cache-control: public, max-age=63115200
link: <https://www.mohamedhamada.net/wp-content/uploads/2019/02/cropped-%D8%A7%D8%AE%D9%8A%D8%B1-2.png>; rel="canonical"
x-content-type-options: nosniff
etag: "d5136c24809951b3"
vary: Accept
x-nc: MISS arn 7
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i1.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-1-86x64.jpg
192.0.77.2200 OK 2.2 kB URL HTTP/2 i1.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-1-86x64.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x64, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 435960cda5a1f2db183bb6b5cd5ab1b8
a5a59383e3589bfe593d5f9b69c07039abee31e4
3df88312fd1f02547544a931fc90a915ac412662948c03534bf9957898e88d2b
GET /www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-1-86x64.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: image/webp
content-length: 2232
last-modified: Wed, 23 Nov 2022 12:24:08 GMT
expires: Sat, 23 Nov 2024 00:24:08 GMT
cache-control: public, max-age=63115200
link: <http://www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-1-86x64.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "bec8d80f17ccc867"
vary: Accept
x-nc: MISS arn 1
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i1.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-86x64.jpg
192.0.77.2200 OK 1.7 kB URL HTTP/2 i1.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-86x64.jpg
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 86x64, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a869b22d0e898fda109c670721f32fe8
5ba16aa6bb3f765f4fc1009cd8ea6563918e47b0
13e0923b4029cda9ebd41174c33f00c2c46e8aea1a665069931472b178b520fa
GET /www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-86x64.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: image/webp
content-length: 1726
last-modified: Wed, 23 Nov 2022 12:24:08 GMT
expires: Sat, 23 Nov 2024 00:24:08 GMT
cache-control: public, max-age=63115200
link: <http://www.mohamedhamada.net/wp-content/uploads/2021/09/maxresdefault-86x64.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9cc7711223b22855"
vary: Accept
x-nc: MISS arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 257
Cache-Control: max-age=119740
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:08 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 05:10:48 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/1p-user-list/732850639/?random=1669319707334&cv=11&fst=1669316400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mohamedhamada.net%2F&tiba=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%A7%D9%84%D8%AF%D9%83%D8%AA%D9%88%D8%B1%20%D9%85%D8%AD%D9%85%D8%AF%20%D8%AD%D9%85%D8%A7%D8%AF%D8%A9%20%D9%84%D8%B9%D9%84%D8%A7%D8%AC&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3587625569&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/732850639/?random=1669319707334&cv=11&fst=1669316400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mohamedhamada.net%2F&tiba=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%A7%D9%84%D8%AF%D9%83%D8%AA%D9%88%D8%B1%20%D9%85%D8%AD%D9%85%D8%AF%20%D8%AD%D9%85%D8%A7%D8%AF%D8%A9%20%D9%84%D8%B9%D9%84%D8%A7%D8%AC&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3587625569&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/732850639/?random=1669319707334&cv=11&fst=1669316400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mohamedhamada.net%2F&tiba=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%A7%D9%84%D8%AF%D9%83%D8%AA%D9%88%D8%B1%20%D9%85%D8%AD%D9%85%D8%AF%20%D8%AD%D9%85%D8%A7%D8%AF%D8%A9%20%D9%84%D8%B9%D9%84%D8%A7%D8%AC&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3587625569&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 19:55:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/732850639/?random=1669319707334&cv=11&fst=1669316400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mohamedhamada.net%2F&tiba=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%A7%D9%84%D8%AF%D9%83%D8%AA%D9%88%D8%B1%20%D9%85%D8%AD%D9%85%D8%AF%20%D8%AD%D9%85%D8%A7%D8%AF%D8%A9%20%D9%84%D8%B9%D9%84%D8%A7%D8%AC&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3587625569&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/732850639/?random=1669319707334&cv=11&fst=1669316400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mohamedhamada.net%2F&tiba=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%A7%D9%84%D8%AF%D9%83%D8%AA%D9%88%D8%B1%20%D9%85%D8%AD%D9%85%D8%AF%20%D8%AD%D9%85%D8%A7%D8%AF%D8%A9%20%D9%84%D8%B9%D9%84%D8%A7%D8%AC&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3587625569&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/732850639/?random=1669319707334&cv=11&fst=1669316400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.mohamedhamada.net%2F&tiba=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%20%D9%85%D8%B1%D9%83%D8%B2%20%D8%A7%D9%84%D8%AF%D9%83%D8%AA%D9%88%D8%B1%20%D9%85%D8%AD%D9%85%D8%AF%20%D8%AD%D9%85%D8%A7%D8%AF%D8%A9%20%D9%84%D8%B9%D9%84%D8%A7%D8%AC&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3587625569&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 19:55:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/ar_AR/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/ar_AR/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash fe57e3a363f21ba67b7a10c83a92ac68
016c6a7c01389b8597151dcc2442c00447e9c6ba
66baded60fe4005db093b151cdcbb0d59e2fc5f66b3ae7356cfccfa38109a0aa
GET /ar_AR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: f2799fb3228d8a9c652a3d4745243171
etag: "6b9eece9bb2dbd11ed2a4bc2a0302a41"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 24 Nov 2022 20:07:03 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: /lfjo2PyG6Z7ehDIOpKsaA==
x-fb-debug: Y3pfgbcYYBmp++ZJvQOvLXYlj6gzFPGmWCCZmsijGgUkz7GHhe8FUiGs2aYEeQ7TsUfbvK2bK8kgjsf2FYJ+Mg==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 19:55:08 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 670dda5fda45a89db08867e9109f65b7
2a64bc381f8e795fe7a46a98c3e8add2f1ade404
7c2085a52a32eab3f4ab73c4ab3718cf1e7d67502e83001ce45d2857b37a0755
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 258
Cache-Control: max-age=119740
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:09 GMT
Etag: "637efbd7-1d7"
Expires: Sat, 26 Nov 2022 05:10:49 GMT
Last-Modified: Thu, 24 Nov 2022 05:06:31 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:55:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%AA-%D8%A7%D9%84%D9%84%D9%87-%D9%85dsds%D8%A7%D9%84%D8%AF-%D9%88-%D8%A3.-%D8%AF_-%D9%85%D8%AD%D9%85%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001-86x64.png
192.0.77.2400 Bad Request 521 B URL HTTP/2 i0.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%AA-%D8%A7%D9%84%D9%84%D9%87-%D9%85dsds%D8%A7%D9%84%D8%AF-%D9%88-%D8%A3.-%D8%AF_-%D9%85%D8%AD%D9%85%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001-86x64.png
IP 192.0.77.2:0
Hash 2fd2d04f8cea1e7fd6a2536cfe7600e6
257b3d418d266555a2e06bfe4e0f0afe35ae8d40
2dccc3e74dc88e38e79792d0a2297a9acb9b6cae092f1cd4e398c849ca899765
GET /www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%AA-%D8%A7%D9%84%D9%84%D9%87-%D9%85dsds%D8%A7%D9%84%D8%AF-%D9%88-%D8%A3.-%D8%AF_-%D9%85%D8%AD%D9%85%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001-86x64.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 5
X-Firefox-Spdy: h2
connect.facebook.net/ar_AR/sdk.js?hash=05017b4cb7039e9d7584296aadba645e
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/ar_AR/sdk.js?hash=05017b4cb7039e9d7584296aadba645e
IP 157.240.200.14:0
File type ASCII text, with very long lines (18538)
Hash 951d707086ca1b2588978a27a1e625df
fad45e1be2e64aae4955f9c1eb63b15b472878e8
d9ff668ffa14f3b275b30ac161dffefe87783fe84d334399d572965dfc673dce
GET /ar_AR/sdk.js?hash=05017b4cb7039e9d7584296aadba645e HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mohamedhamada.net
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 901f91057a3762b8f1b46818655a7c16
etag: "5da12f7e8a1a5b264028a2041c129e8c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 24 Nov 2023 18:01:17 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: lR1wcIbKGyWIl4onoeYl3w==
x-fb-debug: 8V7t/E55pzi9ce4mEUp9HsRkNM0vx5a99gbwacLnSdw4wFIwr6X5aY0G5UKvRUli1mPylvKoMZL6lQ12RkXZLg==
priority: u=3,i
content-length: 88603
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 19:55:09 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yf/l/1,cross/QPV8y818Snm.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 4.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yf/l/1,cross/QPV8y818Snm.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (4434)
Hash fb149e2a4ff7762c9007eb2f78f7f309
dc3ca069754530fc0da67ccd1cc58e21baa28b2f
86a3f525c9c7c98f256bc36190ffd5f54ea9a1656cf423b3f5da8d07cfdc9072
GET /rsrc.php/v3/yf/l/1,cross/QPV8y818Snm.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 23 Nov 2023 19:39:45 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: +xSeKk/3diyQB+svePfzCQ==
x-fb-debug: 7qrEkmXYkR6Tan/+r2JgfXFoy3aHMmlzIZ0WxbS0Ksr5L/4JAlRa4/yxke9EaflhDNDU+5F4mNe455nMkeah8w==
priority: u=2
content-length: 4378
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 19:55:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yj/l/1,cross/mEWcy_dHuRb.css?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 3.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yj/l/1,cross/mEWcy_dHuRb.css?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (3044)
Hash b967416a3436f83df1bea66810a08882
ce616fac10aa7bf2821fd4a7f89d122a8659c17e
abd415455a4d43b904ea148190431808f843a34962146137518f926153324dd3
GET /rsrc.php/v3/yj/l/1,cross/mEWcy_dHuRb.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 23 Nov 2023 19:39:45 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: uWdBajQ2+D3xvqZoEKCIgg==
x-fb-debug: xi+ExQ0zPz/q5/1oGsWYzA1L7fbeA0yBFTJtmlPC1GRFNWq1J1VG8KrTMrh6eVOSmKz4+7GYsl0hvQlyman/AA==
priority: u=2
content-length: 3400
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 19:55:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (18622)
Hash 151e87d38f4f425e44d9c851c9aecf05
762111e5095f5354be95b98ad476f6e7161ce6b1
f236f289f38c8081b496e0537ed3b2c66822e7a743f5d9d4959f955c64b0b2b0
GET /rsrc.php/v3/y8/r/qc0dVyw0ZD0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 17 Nov 2023 16:54:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FR6H049PQl5E2chRya7PBQ==
x-fb-debug: XKYCuFqqNH0kZrgnBK9d939R6pWs+fcIzk26id8p6lRkOvr6n2vQtYYz0yMcJoZ8xMvN0Ztyy0Cqwk+0Rwgf4Q==
content-length: 91088
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 19:55:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 04:19:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: Q4SZcgQTAabjDzD2+gKJKr6ziyQ06wHv6vn8mmXB0+kuQdjy3wTVMUID0BmzHL5OAwJkzyKxHBk01s8b/V0KbA==
content-length: 1657
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 19:55:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (5542)
Hash 0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 03:18:10 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: m+BQtPjWNbih3NkPDP8aeJSIVnefnV7FgVfmHv1ottnMxuFQ7O9P70HznPCRDJbEWaZVpMfMOPytg5/OtxyEfQ==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 19:55:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iCHM4/yX/l/ar_AR/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
157.240.200.14200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iCHM4/yX/l/ar_AR/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
IP 157.240.200.14:0
File type ASCII text, with very long lines (43271)
Hash d06d009f1181d1115b00591e9980de16
99b1781b62f8a1ee8e5b45fb5e90b85704642eca
c50598eb83cdf89b02b344bc7519aad346cce28c4f75a4c43f265a89c9c0f9ab
GET /rsrc.php/v3iCHM4/yX/l/ar_AR/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 06:11:58 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0G0AnxGB0RFbAFkemYDeFg==
x-fb-debug: zdTxtdb4/TbE03QLKtr8ueKKr0HFPip1bUPDz1TL2fNmKCuvMQINWCJKwdmJN0E5uHQ4XUbqBQpPn8WFSEqxaw==
content-length: 23632
x-fb-trip-id: 1679558926
date: Thu, 24 Nov 2022 19:55:09 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.zotabox.com/b/0/b05503d7e4ec2de74d336b2ddbe5e6d3/widgets.js
172.67.20.217200 OK 0 B URL HTTP/2 static.zotabox.com/b/0/b05503d7e4ec2de74d336b2ddbe5e6d3/widgets.js
IP 172.67.20.217:0
GET /b/0/b05503d7e4ec2de74d336b2ddbe5e6d3/widgets.js HTTP/1.1
Host: static.zotabox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 21 Nov 2022 20:21:50 GMT
vary: Accept-Encoding
etag: W/"637bddde-1acab"
expires: Thu, 24 Nov 2022 20:55:06 GMT
cache-control: max-age=3600, public, max-age=3600
access-control-allow-origin: *
access-control-allow-methods: GET, POST
content-encoding: gzip
z-server: mariadb
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f4b3452fe20b55-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,700,500,400italic&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700,500,400italic&display=swap
IP 142.250.74.10:0
GET /css?family=Roboto:400,700,500,400italic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 19:55:06 GMT
date: Thu, 24 Nov 2022 19:55:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.mohamedhamada.net/wp-content/bs-booster-cache/f5cad192bc625270cf61ebb0b2709674.css
198.54.115.176200 OK 0 B URL HTTP/2 www.mohamedhamada.net/wp-content/bs-booster-cache/f5cad192bc625270cf61ebb0b2709674.css
IP 198.54.115.176:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/bs-booster-cache/f5cad192bc625270cf61ebb0b2709674.css HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.mohamedhamada.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 24 Nov 2023 19:55:06 GMT
content-type: text/css
last-modified: Fri, 30 Apr 2021 22:53:43 GMT
etag: "dcac6-608c8a77-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 117239
date: Thu, 24 Nov 2022 19:55:06 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
stats.wp.com/e-202247.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
stats.zotabox.com/api/1.0/event/multi
104.22.54.216200 OK 0 B URL HTTP/2 stats.zotabox.com/api/1.0/event/multi
IP 104.22.54.216:0
POST /api/1.0/event/multi HTTP/1.1
Host: stats.zotabox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 64
Origin: https://www.mohamedhamada.net
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 19:55:07 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76f4b348190cb4ee-OSL
X-Firefox-Spdy: h2
www.mohamedhamada.net/
198.54.115.176200 OK 0 B IP 198.54.115.176:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: www.mohamedhamada.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.1.33
content-type: text/html; charset=UTF-8
link: <https://www.mohamedhamada.net/wp-json/>; rel="https://api.w.org/", <https://www.mohamedhamada.net/wp-json/wp/v2/pages/604>; rel="alternate"; type="application/json", <https://wp.me/PaLtXS-9K>; rel=shortlink
etag: "555-1669306835;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 19:55:05 GMT
server: LiteSpeed
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style-rtl.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/css/dist/block-library/style-rtl.min.css
IP 192.0.77.37:0
GET /c/6.0.3/wp-includes/css/dist/block-library/style-rtl.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 19:55:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i2.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%B3%D9%8A%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001-86x64.png
192.0.77.2400 Bad Request 0 B URL HTTP/2 i2.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%B3%D9%8A%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001-86x64.png
IP 192.0.77.2:0
GET /www.mohamedhamada.net/wp-content/uploads/2021/12/%D8%A7%D9%84%D8%B4%D8%B9%D9%88%D8%B1-%D8%A8%D8%A7%D9%84%D8%A3%D9%84%D9%85-%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%B1%D8%A3%D9%8A%D8%B3%D9%8A%D8%AF-%D8%AD%D9%85%D8%A7%D8%AF%D8%A9.00_10_30_12.Still001-86x64.png HTTP/1.1
Host: i2.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 2
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/10.4/_inc/build/photon/photon.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/10.4/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
GET /p/jetpack/10.4/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 19:55:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.0.3/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 19:55:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.3/wp-includes/js/underscore.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.3/wp-includes/js/underscore.min.js
IP 192.0.77.37:0
GET /c/6.0.3/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:55:06 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 27 Apr 2022 14:39:21 GMT
content-encoding: br
expires: Fri, 24 Nov 2023 19:55:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/11/%D8%B9%D9%84%D8%A7%D8%AC-%D8%A7%D9%84%D8%A7%D9%85-%D8%A8%D8%B7%D8%A7%D9%86%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85-2-86x64.png
192.0.77.2400 Bad Request 0 B URL HTTP/2 i0.wp.com/www.mohamedhamada.net/wp-content/uploads/2021/11/%D8%B9%D9%84%D8%A7%D8%AC-%D8%A7%D9%84%D8%A7%D9%85-%D8%A8%D8%B7%D8%A7%D9%86%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85-2-86x64.png
IP 192.0.77.2:0
GET /www.mohamedhamada.net/wp-content/uploads/2021/11/%D8%B9%D9%84%D8%A7%D8%AC-%D8%A7%D9%84%D8%A7%D9%85-%D8%A8%D8%B7%D8%A7%D9%86%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85-2-86x64.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.mohamedhamada.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Thu, 24 Nov 2022 19:55:08 GMT
content-type: text/html; charset=utf-8
x-nc: MISS arn 3
X-Firefox-Spdy: h2