firefox.settings.services.mozilla.com/v1/
18.164.68.21 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.21:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 09:02:27 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 7d9efc042e7adb5feec60cb3e228036c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: LKreab_6uTmp8g-JhFeM1uhevHLdnDw6Iv0kV-u1PlZrFYHRBGZPog==
Age: 1872
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3618
Expires: Sat, 01 Oct 2022 10:33:57 GMT
Date: Sat, 01 Oct 2022 09:33:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4a22d2eb50abe339ba0b974642de3650
af15bc424a715a3b8d77e4948a9e152a3ba87ede
dff04734315b51fc11069e2d21b5be37b03d28ad01986e1ae2c96afc6ba31859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11675
Expires: Sat, 01 Oct 2022 12:48:14 GMT
Date: Sat, 01 Oct 2022 09:33:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: s2cWsL1OWdXJWh3mYqTp3vjDD2Y4QMttCPffcfbZHJuK3RtzkBBVijMawWiJYeSNyVdpF1jHNcn8idrKzEPCMg==
x-amz-request-id: VSN2M74DHMGMR1N8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 01 Oct 2022 08:49:07 GMT
age: 2672
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 01 Oct 2022 09:33:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6260f4ea221d3766bf2e451fc5f1d677
d08a489ae5c629c91935bc41eea4bbf0d584e60e
0f9b72f015bbf3f4562e9cfaeace72822fc4b1309cc5f126ad998cd06df142af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F9B72F015BBF3F4562E9CFAEACE72822FC4B1309CC5F126AD998CD06DF142AF"
Last-Modified: Thu, 29 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21572
Expires: Sat, 01 Oct 2022 15:33:11 GMT
Date: Sat, 01 Oct 2022 09:33:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.21 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.21:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 01 Oct 2022 09:12:07 GMT
Expires: Sat, 01 Oct 2022 09:24:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 86897b9f074001e33ff5cbec58c4bc02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: IpbLeicbmb0MFZV-EdKbKMEEHYzsrKLmVkfa2H2bnYgkGNPfQkAjcg==
Age: 1292
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d1be374a29f94481ff2c021e35f4eaa0
e05e92d94b5e434e9935e560fd8dc33bdc393aea
37a5132d2183f5c3bfaac5c89df691fea72cac4423110df88bdeb231f430deee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5680
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 01 Oct 2022 09:33:40 GMT
Last-Modified: Sat, 01 Oct 2022 07:59:00 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.189.35.180 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pTrCIs3jZL2eLIcWa3Qdkw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EoL1bSeHZIoD6KiGoh+cX6pfzgg=
challenge-eg.org/wp-content/vub/
192.254.234.51 200 OK 10 kB URL HTTP/2 challenge-eg.org/wp-content/vub/
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4722)
Hash 8aeec10c2dfea5b0c9ff6cbe629c36b3
91317d3c676387bc1ce0cd2450df668d3e81b87f
d71f762e5de6f103fe33e5cc45cdd4f285ef0addefa7f0bb076b55793fd5bd35
Analyzer Verdict Alert openphish Intesa Sanpaolo
fortinet Phishing
GET /wp-content/vub/ HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:33:40 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 10107
vary: Accept-Encoding
cache-control: max-age=0
expires: Sat, 01 Oct 2022 09:33:40 GMT
content-encoding: gzip
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/entrust_site_seal_xs.png
192.254.234.51 200 OK 2.4 kB URL HTTP/2 challenge-eg.org/wp-content/vub/page/entrust_site_seal_xs.png
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 52 x 52, 8-bit/color RGBA, interlaced\012- data
Hash 11e62d4b07a356b2efb2fc2cc0a4ad23
704ce5f8d6af20f3a6b8923d96ce7be89a70ce0f
a0df655a3bd1e698354e98709c2d10bce146ebfadbef75e95a8fc7c96ea79f40
GET /wp-content/vub/page/entrust_site_seal_xs.png HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:12:00 GMT
accept-ranges: bytes
content-length: 2371
cache-control: max-age=10368000, public
expires: Sun, 29 Jan 2023 09:33:41 GMT
content-type: image/png
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash 8fe6517ab609f9917171de05ec47aa50
3b8cfa1447a304807353c2dc1ada12360d70f934
92d50188f319f2908744e8f43ca83a465c68d5912a1fe81a8c3ae8aabb98ec1e
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "92D50188F319F2908744E8F43CA83A465C68D5912A1FE81A8C3AE8AABB98EC1E"
Last-Modified: Fri, 30 Sep 2022 23:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=3483
Expires: Sat, 01 Oct 2022 10:31:44 GMT
Date: Sat, 01 Oct 2022 09:33:41 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32 200 OK 1.6 kB IP 104.110.10.32:0
Hash 5f9bfb8f9704197ee61ff560aba1df38
77c8273febfe913ef15f6a9fc0d20bb0500b2545
2b6507c606577886a50975f0a5cb658c40013c764572b5fb1caf9b14780c1976
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "2B6507C606577886A50975F0A5CB658C40013C764572B5FB1CAF9B14780C1976"
Last-Modified: Fri, 30 Sep 2022 21:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=956
Expires: Sat, 01 Oct 2022 09:49:37 GMT
Date: Sat, 01 Oct 2022 09:33:41 GMT
Connection: keep-alive
ib.vub.sk/pmchc/in/e7f6f095126abacc08bb6ce05a488c80/8/2c994055703f0ed6d63ad4c1aaf893c9
193.227.213.42 200 OK 0 B URL HTTP/1.1 ib.vub.sk/pmchc/in/e7f6f095126abacc08bb6ce05a488c80/8/2c994055703f0ed6d63ad4c1aaf893c9
IP 193.227.213.42:0
ASN #13253 Intesa Sanpaolo S.p.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pmchc/in/e7f6f095126abacc08bb6ce05a488c80/8/2c994055703f0ed6d63ad4c1aaf893c9 HTTP/1.1
Host: ib.vub.sk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 09:33:41 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, proxy-revalidate, no-transform, must-revalidate
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(3)
192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(3)
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(3) HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
content-length: 0
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:12:02 GMT
cache-control: max-age=2592000
expires: Sat, 29 Oct 2022 06:53:14 GMT
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(1)
192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(1)
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(1) HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
content-length: 0
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:12:02 GMT
cache-control: max-age=2592000
expires: Sat, 29 Oct 2022 06:53:12 GMT
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(2)
192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(2)
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(2) HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
content-length: 0
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:12:02 GMT
cache-control: max-age=2592000
expires: Sat, 29 Oct 2022 06:53:13 GMT
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(4)
192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(4)
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(4) HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
content-length: 0
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:12:02 GMT
cache-control: max-age=2592000
expires: Sat, 29 Oct 2022 06:53:14 GMT
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/1(1)
192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/1(1)
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/1(1) HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
content-length: 0
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:12:02 GMT
cache-control: max-age=2592000
expires: Sat, 29 Oct 2022 06:53:12 GMT
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9
192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9 HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
content-length: 0
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:12:02 GMT
cache-control: max-age=2592000
expires: Sat, 29 Oct 2022 06:53:13 GMT
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2161
Expires: Sat, 01 Oct 2022 10:09:42 GMT
Date: Sat, 01 Oct 2022 09:33:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2161
Expires: Sat, 01 Oct 2022 10:09:42 GMT
Date: Sat, 01 Oct 2022 09:33:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2161
Expires: Sat, 01 Oct 2022 10:09:42 GMT
Date: Sat, 01 Oct 2022 09:33:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4be456dbe857580c7b4c7fca3936e04e
49798c4a15545a49f3870b2a16af78dbf8e168cc
23e42987d5e9939424d5f4e4fe0c38faf20a221732097927dd4a656199d9d315
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10201
x-amzn-requestid: 62562627-78a8-4c17-bf6c-b2c986b9ee8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCFH3IAMFoFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-69637d745165485171ca73b9;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9wh9cCXRRlyQy8kXzSCNzMQSmac9iwgkRBrgyTtaMr6m2vXPRxVogg==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:55:26 GMT
etag: "49798c4a15545a49f3870b2a16af78dbf8e168cc"
content-type: image/jpeg
age: 41895
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbd9802c-4973-4976-984a-910496eaf957.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbd9802c-4973-4976-984a-910496eaf957.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13768189ef98789892981b6a2d5947e4
556f1ccaf585d2c3100a3cc58f27d8c2fa6ca689
09ca5624173c589b5e5db05b48a8822ec257f08395cb18ed635a771edcfc8af3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbd9802c-4973-4976-984a-910496eaf957.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5677
x-amzn-requestid: f37f77cd-dd19-4dec-809e-66a1fb604d88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASGLHDsIAMF1pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffd5a-185f9b185ed35f7317b5c2d5;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:03:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iB6v8A5GEnhmZTth__pkgsa2TNPDzUOOAA-c7RcujjWmfnEUbnHaAw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 02:26:53 GMT
age: 25608
etag: "556f1ccaf585d2c3100a3cc58f27d8c2fa6ca689"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d31a422078d02bda318c693c05a58dc
2df7db53629c7adda2c0a4dfe9c17791b73a75e1
a07fe4e135b52da6dfa9d8a55684f0a3bf5f5ce52c4064c8ab37836a939902a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8299
x-amzn-requestid: 91eed6b6-632f-472b-93d7-4192425fcdfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF0SoAMFWgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-17bb04894cc786555d693ec3;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pt23XcORl063B99HGVhjQwBrS36T7GBIAQO7StLrEH8PKIc4edxQwQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:55 GMT
age: 42046
etag: "2df7db53629c7adda2c0a4dfe9c17791b73a75e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GkrEHhw90BfTYztCLFogp4iElKd2AT8Cs0QdP16knk8cJrSNAES0Bw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 07:38:18 GMT
age: 6923
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5: 9466667cfaaedbb374259e8fb8dd63e3
SHA-1: 0cd9a66508c343b43b095ac7f550919ec35097d3
SHA-256: bb70996bea518ba4ddc2c269e9a7c9bea3a9c91fed124a29570828b89250764c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc003298b-5703-480c-8a4c-fffa9abe5028.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8091
x-amzn-requestid: 78ccaa77-230e-4aa1-a409-7b2a444df9ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF_OIAMFpdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-0384396f2ed848bc1c17e1b7;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G75a-PITD4Wmlxxk_rrpRWNytSGNZlrL_JeoR4A_w6vshDkmRlouPw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:58 GMT
age: 42043
etag: "0cd9a66508c343b43b095ac7f550919ec35097d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7431248d-1154-4162-8551-6080a3be5e21.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7431248d-1154-4162-8551-6080a3be5e21.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5: fa789a3f6f7737f79d81cf0272d0e029
SHA-1: 1de4a8e80053d98677350d7f01c9231d2d50e073
SHA-256: f5205ab8f8306a7822ed3d336649fb09738628fea1a92626e4e557f2d8c6d8e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7431248d-1154-4162-8551-6080a3be5e21.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9716
x-amzn-requestid: 0b0313c3-739d-473e-a103-876770cb34d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJo02ElyoAMF4wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333bb52-48ec21e8776bd6cb1d2b0f2f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PxYLSY-_PG8AgeAv1-LNj5d_7fIOEBSLA6HledS_RLR-j4IRkJC8Ew==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 05:13:25 GMT
age: 15616
etag: "1de4a8e80053d98677350d7f01c9231d2d50e073"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(5)
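192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(5)
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of empty input (the body is 0 B); they match any empty file and are not usable as file indicators for this URL.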
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/2c994055703f0ed6d63ad4c1aaf893c9(5) HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
content-length: 0
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:12:02 GMT
cache-control: max-age=2592000
expires: Sat, 29 Oct 2022 06:53:15 GMT
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ib.vub.sk/pmchc/in/e7f6f095126abacc08bb6ce05a488c80/8/2c994055703f0ed6d63ad4c1aaf893c9
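193.227.213.42 200 OK 0 B URL HTTP/1.1 ib.vub.sk/pmchc/in/e7f6f095126abacc08bb6ce05a488c80/8/2c994055703f0ed6d63ad4c1aaf893c9
IP 193.227.213.42:0
ASN #13253 Intesa Sanpaolo S.p.A.
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the digests of empty input (the body is 0 B) and carry no indicator value. This host sits in the bank's own ASN and is requested cross-site with a challenge-eg.org Referer, so it appears to be the impersonated brand's genuine server rather than attacker infrastructure; treat it as context, not as a block-list entry.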
GET /pmchc/in/e7f6f095126abacc08bb6ce05a488c80/8/2c994055703f0ed6d63ad4c1aaf893c9 HTTP/1.1
Host: ib.vub.sk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 09:33:42 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, proxy-revalidate, no-transform, must-revalidate
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
challenge-eg.org/wp-content/vub/page/92ddf6b1d7b9c73d1e800f5b79d5bea6.woff2
192.254.234.51 200 OK 36 kB URL HTTP/2 challenge-eg.org/wp-content/vub/page/92ddf6b1d7b9c73d1e800f5b79d5bea6.woff2
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 36484, version 1.655\012- data
Hash MD5: 92ddf6b1d7b9c73d1e800f5b79d5bea6
SHA-1: 8a3750ebcccc551a69459d4c773901f8110e5a23
SHA-256: 1a359520a00657c09d7a3ff7bfcd6cb0fbc131b3fa1b71910b6c174f9fc9895e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/92ddf6b1d7b9c73d1e800f5b79d5bea6.woff2 HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/page/vub.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 18:30:06 GMT
accept-ranges: bytes
content-length: 36484
cache-control: max-age=10368000
expires: Sun, 29 Jan 2023 09:33:42 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Sat, 01 Oct 2022 09:33:42 GMT
server: Apache
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/f5278935e5d452dabe1f3ea40ddb94f9.woff2
192.254.234.51 200 OK 47 kB URL HTTP/2 challenge-eg.org/wp-content/vub/page/f5278935e5d452dabe1f3ea40ddb94f9.woff2
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 46616, version 1.655\012- data
Hash MD5: f5278935e5d452dabe1f3ea40ddb94f9
SHA-1: 4aa053946ae1cb540942cca71ca7ef584336136a
SHA-256: 45f65ae82107427f1dbaf04abff5f997f8c6253409bad7e0db8f4d8be4feac85
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/f5278935e5d452dabe1f3ea40ddb94f9.woff2 HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/page/vub.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 18:29:56 GMT
accept-ranges: bytes
content-length: 46616
cache-control: max-age=10368000
expires: Sun, 29 Jan 2023 09:33:42 GMT
vary: Accept-Encoding
content-type: font/woff2
date: Sat, 01 Oct 2022 09:33:42 GMT
server: Apache
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/326c5ad41f4fee17fbdffb7295f413ee.jpg
192.254.234.51 200 OK 450 kB URL HTTP/2 challenge-eg.org/wp-content/vub/page/326c5ad41f4fee17fbdffb7295f413ee.jpg
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size 450 kB (449840 bytes)
Hash MD5: 326c5ad41f4fee17fbdffb7295f413ee
SHA-1: af65a1b362fcdf539c3eafa4166fa109d0c88923
SHA-256: 9b6f2260eb186615573feee9a18482a1a8a48bea4d16998fb872a2f90eabe2d7
GET /wp-content/vub/page/326c5ad41f4fee17fbdffb7295f413ee.jpg HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/page/vub.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:29:46 GMT
accept-ranges: bytes
content-length: 449840
cache-control: max-age=10368000, public
expires: Sun, 29 Jan 2023 09:33:42 GMT
content-type: image/jpeg
date: Sat, 01 Oct 2022 09:33:42 GMT
server: Apache
X-Firefox-Spdy: h2
ib.vub.sk/nibr/public/45.5.0.53-181573/apple-touch-icon_vub.png
193.227.213.42 200 OK 25 kB URL HTTP/1.1 ib.vub.sk/nibr/public/45.5.0.53-181573/apple-touch-icon_vub.png
IP 193.227.213.42:0
ASN #13253 Intesa Sanpaolo S.p.A.
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 0dbf60ec3227ee81fef6e0328aaa1a84
SHA-1: d0df0db83f9500e702dd3f4b42ae5a9548ef58fc
SHA-256: 604503fb474ceb86efac999e757f303c02b225bd9cbc68f9825f8b5ceef2a09b
GET /nibr/public/45.5.0.53-181573/apple-touch-icon_vub.png HTTP/1.1
Host: ib.vub.sk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 09:33:42 GMT
Last-Modified: Fri, 09 Sep 2022 09:20:58 GMT
ETag: "6185-5e83b1050d280"
Accept-Ranges: bytes
Content-Length: 24965
Cache-control: public,max-age=31536000
Vary: Accept-Encoding
Server-Timing: dtSInfo;desc="1"
Keep-Alive: timeout=30, max=1197
Connection: Keep-Alive
Content-Type: image/png
X-Frame-Options: Deny
Set-Cookie: dtCookie=v_4_srv_1_sn_759E587D872584DA086F7376FB060BDF_perc_100000_ol_0_mul_1_app-3A53f12d3afb172789_0; Path=/; Domain=.vub.sk
nib=rd4o00000000000000000000ffffc0a86626o443; path=/; Httponly; Secure
f5avraaaaaaaaaaaaaaaa_session_=JLCPAPBLOEOANDMOEGAFJAEFEBKINDEBDIGDIBNCBGDFPGFNNBBMJABDLLADKEEBMGKDMPGLFIDDNEGIGKEAIOBNJAGIAKMKAEOJFMLHCOMBFBJKMBIFBKIMGIPBNECO; HttpOnly; secure
TS019ac156=01a17e8488f40a2b8004215490916d8eced1f0b30a48724a939581a814814d4c2bed978b16f974292e882e582e83e142125552416fc633cdb3c5446bca2d2f147939ac925116c9a188885f2241a8618f7db8ba5033cd482cc51511cf8b3c5f94da66d043ac; Path=/; Domain=.ib.vub.sk; Expires=Sat, 01-Oct-2022 09:43:42 GMT
ib.vub.sk/nibr/public/45.5.0.53-181573/favicon_vub.ico
193.227.213.42 200 OK 1.4 kB URL HTTP/1.1 ib.vub.sk/nibr/public/45.5.0.53-181573/favicon_vub.ico
IP 193.227.213.42:0
ASN #13253 Intesa Sanpaolo S.p.A.
File type MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Hash MD5: 991223f12383607c4717de27c561180b
SHA-1: d52f5028319565bec36e729bf9d899b5e68e2c1d
SHA-256: bed01858c7ebdba86158e42179033eb53c1dcdf93d2967cce83d1f6e25d4f2a9
GET /nibr/public/45.5.0.53-181573/favicon_vub.ico HTTP/1.1
Host: ib.vub.sk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2022 09:33:42 GMT
Last-Modified: Fri, 09 Sep 2022 09:20:58 GMT
ETag: "57e-5e83b1050d280"
Accept-Ranges: bytes
Content-Length: 1406
Cache-control: public,max-age=31536000
Vary: Accept-Encoding
Server-Timing: dtSInfo;desc="1"
Keep-Alive: timeout=30, max=1192
Connection: Keep-Alive
Content-Type: image/x-icon
X-Frame-Options: Sameorigin
Set-Cookie: dtCookie=v_4_srv_1_sn_0D9B1E14E18734AF6F3D041D620CE317_perc_100000_ol_0_mul_1_app-3A53f12d3afb172789_1; Path=/; Domain=.vub.sk
nib=rd4o00000000000000000000ffffc0a86625o443; path=/; Httponly; Secure
f5avraaaaaaaaaaaaaaaa_session_=AENGMLJMKDDMEGGLBCFKLNOKOPGNNDHEFAFDPCOEDKENCDAKAKJHPFPENAOPFLIEFJKDLLIFFIJALLGFKLFAOJINJAIANCJEHDKHFILIDPFFDFEMMEJMJJAGKOGPKOGB; HttpOnly; secure
TS019ac156=01a17e84884bcc57a1506bacf4a488c9b8e4a65e7c4d383760add8ab971ce293dcd356498408c2870e6ac8702bdff7255485cfeb82f7129683a6eb98951195023e41c219aabec404c82ab46b454dfcfcdb04051ef35e4b89446856c8ba4a28921f8515f206; Path=/; Domain=.ib.vub.sk; Expires=Sat, 01-Oct-2022 09:43:42 GMT
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash MD5: 21e55a6ca7350ed834993a486e138de1
SHA-1: c09ee0f2be578f0067b2ed0237d565a04438147e
SHA-256: 124ca8ae6e3f7c7bb28f0d47fa693753884261ed61896eccf7bc13f249fc8960
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6959
x-amzn-requestid: eaf91f33-2fe3-4ed5-b89c-6199c2f17651
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCF6toAMFSDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-3b8c7f290ffda97b2d179433;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qAOX_0r1sA_Bzn-UjQXmLObAYDyjiTU45aNSOPFt8ucUOyKfrw5ieg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:59 GMT
age: 42049
etag: "c09ee0f2be578f0067b2ed0237d565a04438147e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/vub.css
192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/vub.css
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/vub/page/vub.css HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Tue, 27 Sep 2022 15:06:50 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 01 Oct 2023 09:33:41 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/documents
192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/documents
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/documents HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:12:00 GMT
cache-control: max-age=2592000
expires: Sat, 29 Oct 2022 06:53:12 GMT
content-encoding: gzip
x-server-cache: true
x-proxy-cache: HIT
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/external.css
192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/external.css
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/vub/page/external.css HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:12:00 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sun, 01 Oct 2023 09:33:41 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
date: Sat, 01 Oct 2022 09:33:41 GMT
server: Apache
X-Firefox-Spdy: h2
challenge-eg.org/wp-content/vub/page/94d37ef1dd0d7e7312a3d06bea4df36a.ttf
192.254.234.51 200 OK 0 B URL HTTP/2 challenge-eg.org/wp-content/vub/page/94d37ef1dd0d7e7312a3d06bea4df36a.ttf
IP 192.254.234.51:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/vub/page/94d37ef1dd0d7e7312a3d06bea4df36a.ttf HTTP/1.1
Host: challenge-eg.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://challenge-eg.org/wp-content/vub/page/vub.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 01 Oct 2022 09:33:42 GMT
server: Apache
content-type: font/ttf
vary: Accept-Encoding
last-modified: Mon, 26 Sep 2022 18:30:20 GMT
cache-control: max-age=10368000, public
expires: Fri, 27 Jan 2023 06:53:14 GMT
content-encoding: gzip
x-server-cache: true
x-proxy-cache: HIT
X-Firefox-Spdy: h2