firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 15:05:49 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZNpERa8M95eCBojDmRJvPVHYnVfRLC9S7BE3Hnj1cCX052ESJ0qyPQ==
Age: 2722
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11017
Expires: Fri, 09 Sep 2022 18:54:48 GMT
Date: Fri, 09 Sep 2022 15:51:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tCZ3Hqy-MpnwFB5roLN43cIcCKOp7zauun7uGBF-CYlNboBSgV-V0g==
age: 43477
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 15:51:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
157.7.107.140 200 OK 29 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55566), with CRLF line terminators
Hash fa4d28ebedf54b943666c868b896a191
530e72dda430c3e3f2041cfaeff142d800803c1b
bf5909976923f3444f814d33d803cc32badb6fdd369fc1ba6555397cc685bea9
Analyzer Verdict Alert openphish Generic/Spear Phishing
fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/s5.html HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:12 GMT
Content-Type: text/html
Content-Length: 29420
Connection: keep-alive
Server: Apache
Last-Modified: Thu, 18 Nov 2021 20:06:48 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 14:56:07 GMT
Expires: Fri, 09 Sep 2022 15:49:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m9aJXEgLvNTldv3ALATlbGfKBUrVC2HPVFVLlnWlwoQvLs6av-sMfQ==
Age: 3305
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js.download
157.7.107.140 200 OK 17 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (563)
Hash 635fe8b8c25253ad92e8f3a9e2c4fefd
87dc4990666591d9258921bc2846ad5be97d0942
20b8fe4e81301c0b586efaeeecb792f3a8c1931b834d58012a2ba1bee3fdd245
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:12 GMT
Content-Type: application/javascript
Content-Length: 16612
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6471
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:12 GMT
Last-Modified: Fri, 09 Sep 2022 14:03:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/boxever-min.js.download
157.7.107.140 200 OK 8.1 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/boxever-min.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (555)
Hash 969068a67f0b6fe7679b097de6d87618
5453ca5a2838ea990a604f7eec31156de8d1afcd
7eb2e8fb9e21eec4383b1c667dc75a4d9da3b5a12ca503e2ba82a6d34e9f0fef
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/boxever-min.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:12 GMT
Content-Type: application/javascript
Content-Length: 8106
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/emirates.core.css
157.7.107.140 200 OK 41 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/emirates.core.css
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (62155), with CRLF line terminators
Hash 03d4271d9e9abd99857ff4de1d993146
1d08a01bb8948c88bb34670e5b35e1aff9be7ccf
cae761c75e73b7d1bf1c6005f7e0a4c99f9b099d66ca438ffd76ea49017ed26e
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/emirates.core.css HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:12 GMT
Content-Type: text/css
Content-Length: 40767
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/responsive-main.js.download
157.7.107.140 200 OK 38 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/responsive-main.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32019), with CRLF, LF line terminators
Hash 0f15fed5991d11a6ee17a1f03038515f
5fc19fd1a95f545c9448d2b17ec4e401c422fe4c
6f3657946d80d336de6a909f1bb9c2d5bfd456ceefe416ab5eedbaa1745385a0
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/responsive-main.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:12 GMT
Content-Type: application/javascript
Content-Length: 38433
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 95d16e02854b7c08e42723e1b564e168
e6064ee33b954d5d1170050afd45a5a6d514506a
0c4bb90399979ab91dd8c3360849bfcc8272519a3b1d33b4282c3fdb9f661f59
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Sep 2022 15:51:12 GMT
Last-Modified: Fri, 09 Sep 2022 14:22:03 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KGxLjs65lIkytz1XggNtOw5rMciizzZ6rZoRsJh116s9NEF6Jr19Jw==
Age: 5349
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/ek-webfonts.css
157.7.107.140 200 OK 1.6 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/ek-webfonts.css
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (3987), with CRLF line terminators
Hash 582a5f1afe6b27adbc97a6ee6abbffbb
8edd161fd3f4425e09f03908b7951ec228108b53
3e6cdb7020c541b19b5ad5edfae26c07d8bf48ad9643860dd8c9915101868696
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/ek-webfonts.css HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:12 GMT
Content-Type: text/css
Content-Length: 1561
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
api.boxever.com/v1.2/browser/create.json?client_key=ekb7q5q7htudvxjat3zmeuv2qjus0z6w&message=%7B%7D&callback=jsonp019523380907653376
34.240.66.35 401 Unauthorized 197 B URL HTTP/1.1 api.boxever.com/v1.2/browser/create.json?client_key=ekb7q5q7htudvxjat3zmeuv2qjus0z6w&message=%7B%7D&callback=jsonp019523380907653376
IP 34.240.66.35:0
File type ASCII text, with no line terminators
Hash ea7baf3dcf5c24d2de030a2dd11f9f20
7157fe365194d8520f6638399ef5c09bcfc0e9b4
6386375ae6244bfa84652cdf91eecf3707a2162e6b2a4108438341a47cc621a0
GET /v1.2/browser/create.json?client_key=ekb7q5q7htudvxjat3zmeuv2qjus0z6w&message=%7B%7D&callback=jsonp019523380907653376 HTTP/1.1
Host: api.boxever.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 401 Unauthorized
Content-Type: application/json
Date: Fri, 09 Sep 2022 15:51:13 GMT
X-Robots-Tag: noindex
Content-Length: 197
Connection: keep-alive
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/analytics.js.download
157.7.107.140 200 OK 18 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/analytics.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (1490)
Hash 080ec59c6a4ae9a7c608b5378c1525be
f81d4cbe0d779234aee88dbddbd0bf838a286adf
043cfa976d441ef52e4f316649c6a2a57eb8b9d75e518cce1706d3b5d6e10c64
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/analytics.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:12 GMT
Content-Type: application/javascript
Content-Length: 17834
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/opentag-93989-1321710.js.download
157.7.107.140 200 OK 37 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/opentag-93989-1321710.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (602)
Hash d36606afb2ee3439c63d7b55ceb5adf4
4ecae06cb50eec88e9f59e014404c94093eb7882
c2529b925bc1bf9809fe749a3c489d6aff341d18c6d065b9ef4dcb7c20bec149
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/opentag-93989-1321710.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:12 GMT
Content-Type: application/javascript
Content-Length: 37166
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/global-navigation-v3.css
157.7.107.140 200 OK 40 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/global-navigation-v3.css
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65430), with CRLF line terminators
Hash 7842eb02d1a118c150851e7111570c29
d048724ad72d2767c5fe7f0c2ddb302c56dd7d9d
c2c74e426ed5cdee5c6dc3f888427b136f2bcd8a88e19041a5c19a855ed39ca5
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/global-navigation-v3.css HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:12 GMT
Content-Type: text/css
Content-Length: 40058
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
push.services.mozilla.com/
34.214.236.46 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.236.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: trvdQI2AesoY6G1c18DtoA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VA2YO3pbgKHuyAUJeQ438kVxvME=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
orca.qubitproducts.com/misc/ip?cid=__ip&id=emirates&callback=__qubitIPCallBack
35.227.229.238 200 OK 72 B URL HTTP/1.1 orca.qubitproducts.com/misc/ip?cid=__ip&id=emirates&callback=__qubitIPCallBack
IP 35.227.229.238:0
File type ASCII text, with no line terminators
Hash 86839ba34029b46fec55d7afb35166eb
2955225117c8b52757285f6ba090424dbea93835
62807f9df5c3066d49f4106e0bfbc4b13060df8a9b08f7d6f2a7883abcc4e51a
GET /misc/ip?cid=__ip&id=emirates&callback=__qubitIPCallBack HTTP/1.1
Host: orca.qubitproducts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
Vary: Origin
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Length: 72
Via: 1.1 google
cdn.ek.aero/qubit-smartserve/smartserve-3335.js
104.110.0.243 200 OK 23 B URL HTTP/1.1 cdn.ek.aero/qubit-smartserve/smartserve-3335.js
IP 104.110.0.243:0
File type ASCII text, with no line terminators
Hash e174615ce001bb4249e86ad04286e500
fdc31163880a889fc940efcebf33b562d93cdcd4
e8578594b131f30326510c32a70935b3407baf5ce26161a70c6803e58f8838e9
GET /qubit-smartserve/smartserve-3335.js HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/
HTTP/1.1 200 OK
Content-Length: 23
Cache-Control: max-age=3600
Date: Fri, 09 Sep 2022 15:51:13 GMT
Connection: keep-alive
Content-Type: text/javascript
fonts.googleapis.com/css?family=Roboto+Condensed&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
142.250.74.10 200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese
IP 142.250.74.10:0
Hash 17c7ef8d6c5559a0d952b80ded9e293c
6e99988f0d23e193bb8b8dfa628ff6727d84e6eb
17438a89c87bdb8365948c8dedfceb7a91ba00a57564d4f860409f0aae080ec2
GET /css?family=Roboto+Condensed&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 15:51:13 GMT
date: Fri, 09 Sep 2022 15:51:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/platinum-stretch.css
157.7.107.140 200 OK 4.9 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/platinum-stretch.css
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (29235), with CRLF line terminators
Hash 84d38c5d1e96eb68815534297adb049f
830f7a821a67fadaa763a68a2ee135e5ccd74565
88ac44c2ccc8b1ce5a1d4abb26035557f2e5eb55f5c016e1affa3672ba68bc97
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/platinum-stretch.css HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: text/css
Content-Length: 4927
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/initialloadaccount.js.download
157.7.107.140 200 OK 787 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/initialloadaccount.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (3235), with CRLF line terminators
Hash 57201e652d1266f8d6219db28159bfae
1377a4ce6d078b6f0c370ede37c895f5770d7ade
1d6bceaaeeb6c936dc2f3d325d784007335c36c6beb54091de5462063ea45bf1
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/initialloadaccount.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 787
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/gtm.js.download
157.7.107.140 200 OK 84 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/gtm.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (1889)
Hash 76bb0891ea276c141764cf1ff8d8afed
ab33592a3d38f1c67f24bab175e5078c77b2c6b3
fbd4b9d44b9ad9eff10494b7a089cc65264703ddb5d82530b81aa7464660ddc8
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/gtm.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/platinum.js.download
157.7.107.140 200 OK 1.8 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/platinum.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (5884), with CRLF line terminators
Hash 7016ce70d6fb1f9bcb26006923b59737
e4d237bf9d708f9eb90d08f2b69c2ae69a13bac7
3f4b206adcd5ab90b54fdafe4353572d20d98dac46db592bdc5fd335a9cf107b
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/platinum.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 1808
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/ek-core.css
157.7.107.140 200 OK 27 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/ek-core.css
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (19986), with CRLF line terminators
Hash c335ef71255e136c85558dacb93c8e4d
ae96c331b8b9faa8c6c4ae225fcd0dd3acb57f29
226b97bea46c680dacf02e9afa06b86caf9301d358c09673e2b4f95ed3fcf604
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/ek-core.css HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: text/css
Content-Length: 27045
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/gtmutilities.js.download
157.7.107.140 200 OK 347 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/gtmutilities.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (1164), with CRLF line terminators
Hash e3d9117d8baae2b95050fcb54a5fe71b
c19855e380821f0e020043521e6f2b69d6468dc5
68db84812a44abec57bef537ae0d5163dd58a7767508e280c36aff93fd082f95
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/gtmutilities.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 347
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/manage_booking.js.download
157.7.107.140 200 OK 892 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/manage_booking.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2243), with CRLF line terminators
Hash e15bbff1de1f851bd20f7740d2b009b1
5e56d9e6f6a3d9c8f1e0c4332e2db42764012d12
2fb9718dc9aec95c22adf8617a8276088b79a2b97980c4fe82ea05854fe81b2f
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/manage_booking.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 892
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/manage_booking.css
157.7.107.140 200 OK 4.7 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/manage_booking.css
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type troff or preprocessor input, ASCII text, with very long lines (11002), with CRLF line terminators
Hash a113007ff56c838e717ee3c7eb8d4f4e
b55f8da96b138383f6382f2f645e0e256c33febb
6232d31061310c2dab580dd4010612099f822031739d234eb5b9ebd586771073
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/manage_booking.css HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: text/css
Content-Length: 4733
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/tealeaf.js.download
157.7.107.140 200 OK 35 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/tealeaf.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type Unicode text, UTF-8 text, with very long lines (32003), with CRLF, LF line terminators
Hash b68d82f885bacd8b010b4fbcdaf6883e
b20a465a54f58440859724643e021533510e8de0
4b6ba3c7333a2d55c0ea8f58d6c758d62955f363a899ebaebf4231d96b79a87a
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/tealeaf.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 34934
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/uvbuilder.latest.min.js.download
157.7.107.140 200 OK 3.2 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/uvbuilder.latest.min.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (11379)
Hash 12fdc0e1da2ffb9380460b02ec629555
dab92c8d8c7d846ee159b30992317efa48588e2d
f69422fa94d63ba91d3e8cc568715db203f3541afe0ace1d0f568c87ba35d460
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/uvbuilder.latest.min.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 3172
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/52260000.js.download
157.7.107.140 200 OK 118 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/52260000.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type core file (Xenix)\012- , ASCII text
Hash 8c4e3a70f133a38fa6bd5e6c86ebab03
ef2b21d945dc0899e134155b3c3f25a069aa2eb2
5442f5ba1ef9467c8cbffca444e379d796dc36fc6e2fdd239404d8950fbc459a
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/52260000.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 118
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/dispatcher-v3.js.download
157.7.107.140 200 OK 1.1 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/dispatcher-v3.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2299)
Hash bec23e1d60340f102bc57e4c443c2117
c7f3212dbd97117a80b25855b7cebd0e18323507
e2d82c2ca504510b18e57da720e89f1452ad012c9ae2bca0aa55d796e6d03dbd
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/dispatcher-v3.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 1057
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/yahoo-min.js.download
157.7.107.140 200 OK 3.0 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/yahoo-min.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (6013)
Hash a5b2c161a424aeaf067d6246176d64ee
7293cb47259c7065ac91d48096c2a227bc812cbc
36c712dcb454d4b23a4e63d24a6adc9e503f0cf9a8faf3c4a94457fdd25d102f
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/yahoo-min.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 3005
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/smartserve-3335.js.download
157.7.107.140 200 OK 222 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/smartserve-3335.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65239)
Size 222 kB (222446 bytes)
Hash dd7d56aefb9888e3fdc27f0064bcfee6
0fc0a746432eabd7d2151ac9ab05edbba5e1ca09
a927226b96da35ea689606ae87fc4e29d1432d6cd02b94433c700fc3bc859b75
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/smartserve-3335.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/cp-v3.js.download
157.7.107.140 200 OK 12 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/cp-v3.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with no line terminators
Hash bc6573647ae421e4cd14dcdf34c877ce
a567ddefcd1cfc1bbbaf5323bdadba5795c95478
7fd90f2ec178b50f6924b27d80085370abdb66f52947d3a63d7f8e7a8f56512b
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/cp-v3.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 12
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/json-min.js.download
157.7.107.140 200 OK 2.2 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/json-min.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (4764)
Hash 73caddd8ca193f8bbe1008199439f379
bb864f4af973871e416dc2cc2da18bba495f4606
204207a80c315adee6290dfbf2e00e7b96c153621b9d5cc2a732f1859f451705
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/json-min.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 2204
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/event
157.7.107.140 200 OK 22 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/event
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash d26c7b4c29aec3335ba6bf155b9e73a3
36427cdc63ad3210946b0bd94567513eaa891237
411b38a4e86389e7b9ca3176e87a168e3ba1ab58b9b543ab4ea0959c87fc5cba
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/event HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Length: 22
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range
www.googletagmanager.com/gtm.js?id=GTM-NVKM49
142.250.74.72 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-NVKM49
IP 142.250.74.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 60355524907f74c4bfa9bb144a159cfe
37400e30e8f3cbf7892ea1bce8840ae06671455c
bbf23e211505ae51b70ce5d450bcbbdfce6204f74d4e5b8e6ae976700c374fa6
GET /gtm.js?id=GTM-NVKM49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-NVKM49
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6bc07f355ecca5d3ea4ac12fdddae171
6e208df7f3d399e829de04922e219fc1c2435c57
3d9b7d0c5baeca09c3c9fb328534f35d11841654c42e00156db1ffdac5ce572f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6533
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:14 GMT
Last-Modified: Fri, 09 Sep 2022 14:02:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cdn.ek.aero/system/shared/css/images/flags.svg
104.110.0.243 200 OK 55 kB URL HTTP/2 cdn.ek.aero/system/shared/css/images/flags.svg
IP 104.110.0.243:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 25929f814a9fe445dc4bbebafbb3c538
09e48069c623f2bdc1e793b973d81ceb1dbd4394
762bbc0770e4d8910d76acca800501a50bb7a35f5b7b4d7f2ac70585ae704e23
GET /system/shared/css/images/flags.svg HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
etag: "bfd25af97518d71:0"
last-modified: Sun, 28 Aug 2022 10:46:45 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-length: 55394
cache-control: public, max-age=569316
date: Fri, 09 Sep 2022 15:51:14 GMT
content-type: image/svg+xml
X-Firefox-Spdy: h2
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/bat.js.download
157.7.107.140 200 OK 7.2 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/bat.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (23542), with no line terminators
Hash e52da2e9d56550ac8da2a1b3b4ee3a00
af46b84a3708e125b6a62b98494eea86e0af0962
ef6323328f49366485f5524ecc52605d331e2bff7ee264a2e4be3557c4055442
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/bat.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: application/javascript
Content-Length: 7158
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
fly10.emirates.com/Images/my-trips/login/Cloud_top.png
104.110.0.243 200 OK 4.2 kB URL HTTP/2 fly10.emirates.com/Images/my-trips/login/Cloud_top.png
IP 104.110.0.243:0
File type PNG image data, 2880 x 134, 8-bit colormap, non-interlaced\012- data
Hash fb25518e716fb2b4ff56736d5a366ff5
ef34df2c0e87690a6766dc02754c47cd66e29ee8
80645cbf0de0a807e3e929e958c911df21113928e6be8c81b124210a664a644e
GET /Images/my-trips/login/Cloud_top.png HTTP/1.1
Host: fly10.emirates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 26 Feb 2017 11:45:00 GMT
accept-ranges: bytes
etag: "41aec22590d21:0"
x-frame-options: SAMEORIGIN
content-length: 4173
date: Fri, 09 Sep 2022 15:51:14 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=3
strict-transport-security: max-age=15768000 ; preload
referrer-policy: strict-origin-when-cross-origin
X-Firefox-Spdy: h2
cdn.ek.aero/shared/fonts/ek-icons/ek-font-icons.woff
104.110.0.243 200 OK 36 kB URL HTTP/2 cdn.ek.aero/shared/fonts/ek-icons/ek-font-icons.woff
IP 104.110.0.243:0
File type Web Open Font Format, TrueType, length 36016, version 1.0\012- data
Hash dda2003260b4caa0b6ca28ba7f83fec5
dfd6019642ef5f5f99c723fc04928cd2b1956524
29785f207fa97d323919a7035b99d88b319eee28eae50b3857252c38183f7023
GET /shared/fonts/ek-icons/ek-font-icons.woff HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
etag: "dda2003260b4caa0b6ca28ba7f83fec5:1493200273"
last-modified: Wed, 26 Apr 2017 09:51:13 GMT
server: AkamaiNetStorage
content-length: 36016
date: Fri, 09 Sep 2022 15:51:14 GMT
content-type: application/font-woff
cache-control: public, max-age=604800
X-Firefox-Spdy: h2
fly10.emirates.com/Images/my-trips/login/bg_clouds.png
104.110.0.243 200 OK 303 kB URL HTTP/2 fly10.emirates.com/Images/my-trips/login/bg_clouds.png
IP 104.110.0.243:0
File type PNG image data, 2880 x 630, 8-bit colormap, non-interlaced\012- data
Size 303 kB (303383 bytes)
Hash a77c170410c93f639cb7f078da1564f3
ed6d935d7f14b34c06271a8d27b4c9eb4465a7aa
1fe02bdff5ebf42b33f270a833cd72d7aa81b10affffe107a494eb4dd6d3ac28
GET /Images/my-trips/login/bg_clouds.png HTTP/1.1
Host: fly10.emirates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 26 Feb 2017 11:45:00 GMT
accept-ranges: bytes
etag: "41aec22590d21:0"
x-frame-options: SAMEORIGIN
content-length: 303383
date: Fri, 09 Sep 2022 15:51:14 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=8
strict-transport-security: max-age=15768000 ; preload
referrer-policy: strict-origin-when-cross-origin
X-Firefox-Spdy: h2
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/saved_resource
157.7.107.140 200 OK 708 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/saved_resource
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (2044), with CRLF line terminators
Hash 833739d0c535d2d2c7b9cce330db85ba
01ee7658421110a220341354a844157935262c1d
9a598df4431884bd81c57709a9e5201f6c50af7dd6a57035e5c61d5b00e283df
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/saved_resource HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Length: 708
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/fbevents.js.download
157.7.107.140 200 OK 28 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/fbevents.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32091)
Hash e54eebc9510c4ef546fdaadf72e7d299
66372f0b7736fbecc5a870e76e1c472be7591788
e80df0cf7582e11cd8f8e9d6f60a8d59debbb5d7e24bd16d43b762edfda5acd8
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/fbevents.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: application/javascript
Content-Length: 27468
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
cdn.ek.aero/shared/fonts/emirates/emirates-medium.woff2
104.110.0.243 200 OK 73 kB URL HTTP/2 cdn.ek.aero/shared/fonts/emirates/emirates-medium.woff2
IP 104.110.0.243:0
File type Web Open Font Format (Version 2), TrueType, length 72576, version 1.-5899\012- data
Hash 82011c27c0bff714ca8f09ff9c16dcb3
dc70699635410f7d503de260b88406a98e568cc5
9d3db58bc71d36080aadcafb0895ad490ba31e93f8640ec134e398b5bc6d3458
GET /shared/fonts/emirates/emirates-medium.woff2 HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
etag: "82011c27c0bff714ca8f09ff9c16dcb3:1527755987"
last-modified: Thu, 31 May 2018 08:39:47 GMT
server: AkamaiNetStorage
content-length: 72576
date: Fri, 09 Sep 2022 15:51:14 GMT
content-type: font/woff2
cache-control: public, max-age=604800
X-Firefox-Spdy: h2
cdn.ek.aero/shared/fonts/emirates/emirates-bold.woff2
104.110.0.243 200 OK 72 kB URL HTTP/2 cdn.ek.aero/shared/fonts/emirates/emirates-bold.woff2
IP 104.110.0.243:0
File type Web Open Font Format (Version 2), TrueType, length 72048, version 1.-5899\012- data
Hash cae68f40d0af09f13f342c4a566a4a7f
c4da9e33167be264184112a8d1ce1c7241ee794d
69e1dd4be80beaf33ef8979e6211c5b5ff8ecea7d8f68c7f01637c97c7e41c21
GET /shared/fonts/emirates/emirates-bold.woff2 HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
etag: "cae68f40d0af09f13f342c4a566a4a7f:1527755987"
last-modified: Thu, 31 May 2018 08:39:47 GMT
server: AkamaiNetStorage
content-length: 72048
date: Fri, 09 Sep 2022 15:51:14 GMT
content-type: font/woff2
cache-control: public, max-age=604800
X-Firefox-Spdy: h2
cdn.ek.aero/shared/fonts/emirates/emirates-medium.woff
104.110.0.243 200 OK 103 kB URL HTTP/2 cdn.ek.aero/shared/fonts/emirates/emirates-medium.woff
IP 104.110.0.243:0
File type Web Open Font Format, TrueType, length 103420, version 0.0\012- data
Size 103 kB (103420 bytes)
Hash 40bab6c98e581bd41a21b97b95fe1e92
0baa2259ae9d09a757d30d82d37c96004233f15f
5a20938d0a85fb4d4a46e079f10d3c31ed76f3a79795831febf0dc1638ab0def
GET /shared/fonts/emirates/emirates-medium.woff HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
etag: "40bab6c98e581bd41a21b97b95fe1e92:1527755987"
last-modified: Thu, 31 May 2018 08:39:47 GMT
server: AkamaiNetStorage
content-length: 103420
date: Fri, 09 Sep 2022 15:51:14 GMT
content-type: application/font-woff
cache-control: public, max-age=604800
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4494
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 15:51:14 GMT
Connection: keep-alive
cdn.ek.aero/shared/fonts/ek-icons/ek-font-icons.ttf
104.110.0.243 200 OK 64 kB URL HTTP/2 cdn.ek.aero/shared/fonts/ek-icons/ek-font-icons.ttf
IP 104.110.0.243:0
File type TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright 2016 Adobe Systems Incorporated. All rights reserved.ekRegular1.000;PfEd;ek-font-icons\012- data
Hash 6214acfb60bbdcef8516adbc1a02118b
08a58a6df31dfafec9a9d749d9e50849240e2b24
47a9b27c8c63006bf144b687932ec23e5b6d2ab3f5afc0434cb0d8046fb44a26
GET /shared/fonts/ek-icons/ek-font-icons.ttf HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
etag: "6214acfb60bbdcef8516adbc1a02118b:1493200273"
last-modified: Wed, 26 Apr 2017 09:51:13 GMT
server: AkamaiNetStorage
content-length: 63512
date: Fri, 09 Sep 2022 15:51:14 GMT
content-type: font/ttf
cache-control: public, max-age=604800
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4494
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 15:51:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4494
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 15:51:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4494
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 15:51:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4494
Expires: Fri, 09 Sep 2022 17:06:08 GMT
Date: Fri, 09 Sep 2022 15:51:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76 200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 40734
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:15:21 GMT
age: 63353
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zdVUahmbPQ7sQMlg14M89JOwjN2PEM03GNLYEwxPjcaioRpyqb8isA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:26:32 GMT
age: 62682
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: eaf81b32-3b53-4e89-a9d0-943bc9f9982f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0j0QFhxoAMF-Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b34e-114287d30092033a2b54ec01;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:39:58 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: _mlXN3nJ7ZPcUDWIqqiv2CB6dkSJ2Y-AZIXNs4xOj18ZX6DYMdhXAA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:19 GMT
age: 65095
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba8d1b764c2d18807caecb5ee1e046c0
c0e3d10ce67f77a92b54954410e30621af7ee87c
f558c4827c2edf896588b6e3f0b4f295269e95f86143b40729a7a2a5e1adbbb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5f31e9e-7d20-466c-a9b3-ce9e9c5475e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9011
x-amzn-requestid: cf861da4-5f3b-43b8-931a-5285839c6301
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQgHFbOoAMFYVQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6133-4cf2e37f5e762a557b081446;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:40:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: wqcl8zkszPZhWjJ7mr_p82IRaNzU2vMV3wtipUYgRaL7Vj3ntmYYqQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:47:07 GMT
age: 65047
etag: "c0e3d10ce67f77a92b54954410e30621af7ee87c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 55971de2-bf63-4300-9007-1bc234962d0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRKXFGTIAMFp3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6242-23914ec672a0a898498bbed6;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: lxqcvxSdM4FBQBZTNnhCrpl02fsnInyii7Yaw7fs4STzEd2fZIuuXA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
age: 65138
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.ek.aero/shared/fonts/emirates/emirates-bold.woff
104.110.0.243 200 OK 104 kB URL HTTP/2 cdn.ek.aero/shared/fonts/emirates/emirates-bold.woff
IP 104.110.0.243:0
File type Web Open Font Format, TrueType, length 103456, version 0.0\012- data
Size 104 kB (103456 bytes)
Hash a480d8f386bd2aaeb7089aaa6de8bc31
4420aedcab9ebb461dbad80b5ccf24e216ec9633
d6d9758ef474eaa268be9742e810589b00838ef513d27c6134f7507bad43ef88
GET /shared/fonts/emirates/emirates-bold.woff HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
etag: "a480d8f386bd2aaeb7089aaa6de8bc31:1527755987"
last-modified: Thu, 31 May 2018 08:39:47 GMT
server: AkamaiNetStorage
content-length: 103456
date: Fri, 09 Sep 2022 15:51:14 GMT
content-type: application/font-woff
cache-control: public, max-age=604800
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/1521558538161128
157.7.107.140 200 OK 87 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/1521558538161128
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (64471)
Hash b850f71e5e3b1de60531d405c7146998
f5c630563490e21904bf7746a140378694cd2b5d
5e60f05ca016c24016b48df5f7d49e4fb80fad35b31791fd5bdb02fe5cb4b6f6
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/1521558538161128 HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:13 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/global-navigation-v3.js.download
157.7.107.140 200 OK 45 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/global-navigation-v3.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (32037), with CRLF, LF line terminators
Hash a45e4aaee21a596b3e6596f0974e246e
31ff8ddae0eb8cc66a2986e9daa45329caee14ea
b72d5c1b952df372fa07f5d0590008aba0e4b43dd8cb49abb517fdbf5ce8b5cc
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/global-navigation-v3.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: application/javascript
Content-Length: 45381
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/botdetectcaptcha.ashx
157.7.107.140 200 OK 5.5 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/botdetectcaptcha.ashx
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type Unicode text, UTF-8 (with BOM) text, with very long lines (505), with CRLF line terminators
Hash 2652662925195e053a03bb353bfb5421
f5a36bfa30eaf72cc4bb968d5b611a8c906dc5af
de2d618cc8cc4e4a4301864e66eb03fa1072f86a283b97137e6fe52c8df13327
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/botdetectcaptcha.ashx HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Length: 5492
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
www.googletagmanager.com/gtm.js?id=GTM-NVKM49
142.250.74.72 200 OK 108 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NVKM49
IP 142.250.74.72:0
File type ASCII text, with very long lines (65324)
Size 108 kB (107807 bytes)
Hash 4924b3a769491d6c656e978a5247a77a
0d9db7e8601f6b4b0132ebd7782d0803f7f667a1
8a8fbe82fdd25abcc959b753db277eaab147c81be4706cd734f4f6053fae59da
GET /gtm.js?id=GTM-NVKM49 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://macst.cc/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Sep 2022 15:51:14 GMT
expires: Fri, 09 Sep 2022 15:51:14 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 107807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/responsive-footer.js.download
157.7.107.140 200 OK 46 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/responsive-footer.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (18622), with CRLF, LF line terminators
Hash 6d06bb929eac136b34e3fa671a75a1ff
40a7141b9ac95505e78a14e7a1a2b7a4763fcbb8
047238b65e930d8d100eda45e47b79f3c91fb2bf52d0153456f18f8ae1453dac
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/responsive-footer.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: application/javascript
Content-Length: 46182
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/iconography.woff
157.7.107.140 404 Not Found 19 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/iconography.woff
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315)
Hash 445d3af6844c2f665d720d259eae018b
a620414ae1b949396fd3f9ccefa11cca910c4eef
cdaf289919b2096b4c936a3e249bba227791b88ae4417467fa54585c799394b4
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/iconography.woff HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/platinum-stretch.css
Cookie: _qst_s=1; _qsst_s=1662738664280
HTTP/1.1 404 Not Found
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: text/html
Content-Length: 19268
Connection: keep-alive
Server: Apache
Last-Modified: Tue, 25 Jan 2022 06:58:09 GMT
Accept-Ranges: bytes
cdn.ek.aero/downloads/ek/icons/fonts/iconography.woff
104.110.0.243 200 OK 80 kB URL HTTP/2 cdn.ek.aero/downloads/ek/icons/fonts/iconography.woff
IP 104.110.0.243:0
File type Web Open Font Format, CFF, length 80048, version 1.0\012- data
Hash c1be60cd52efa4c71e556f11de10d82d
233da46f4d999dcec9d7e45a3c3bb7092902dfb6
f0f1b77f3209d0ca046bea09fd2678f97a4209da270d1424f882614ce3cea3ac
GET /downloads/ek/icons/fonts/iconography.woff HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
etag: "c1be60cd52efa4c71e556f11de10d82d:1513234538"
last-modified: Thu, 14 Dec 2017 06:55:38 GMT
server: AkamaiNetStorage
content-length: 80048
date: Fri, 09 Sep 2022 15:51:14 GMT
content-type: application/font-woff
X-Firefox-Spdy: h2
cdn.ek.aero/downloads/ek/icons/fonts/iconography.ttf
104.110.0.243 200 OK 112 kB URL HTTP/2 cdn.ek.aero/downloads/ek/icons/fonts/iconography.ttf
IP 104.110.0.243:0
File type TrueType Font data, 13 tables, 1st "FFTM", 12 names, Macintosh, type 1 string\012- data
Size 112 kB (111748 bytes)
Hash 239480ff57a54b6a50464b70e4754d66
124a87b6641e8e4eb2e04b017eacda6c9e48e80e
6e0d938bcd2e5b57c5deb7b699c05786dd10573b53999eba5df940a4f68f90f8
GET /downloads/ek/icons/fonts/iconography.ttf HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
etag: "239480ff57a54b6a50464b70e4754d66:1513234538"
last-modified: Thu, 14 Dec 2017 06:55:38 GMT
server: AkamaiNetStorage
content-length: 111748
date: Fri, 09 Sep 2022 15:51:14 GMT
content-type: font/ttf
X-Firefox-Spdy: h2
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/b65b7e9def1619f2665ade3d0c6e96
157.7.107.140 200 OK 16 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/b65b7e9def1619f2665ade3d0c6e96
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (62628), with no line terminators
Hash db7cacd3ff620b768c6313f3bc103399
e79a0719d66c50cd073096392f5ec3b3d063197d
0c03eaa2bd5d28298e9c54e0f29cc53b8ebb2e0e12006baff888478fe702d768
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/b65b7e9def1619f2665ade3d0c6e96 HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Length: 15776
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/eluminate.js.download
157.7.107.140 200 OK 44 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/eluminate.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65268), with CRLF line terminators
Hash b7cfbe176ca7a16a7cc6de2795ba4d07
b2c9b391aedaff707894563d26e27f660344e22e
4eb5b90104d859cfc08ac836f021bdfe075103c8a6537b1fee1f98a6472b6ce2
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/eluminate.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: application/javascript
Content-Length: 44307
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/adrum-4.5.0.773.js.download
157.7.107.140 200 OK 20 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/adrum-4.5.0.773.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (646)
Hash 7eaa762b70ea5a9b37ffa7a69b9693df
c150b0d9c45ec96fe924d74bee2a40bbe9edd4e3
c23296dba6b68287e31f4fd3f840c5b759233f41a3d2dbf90abecb73beb665a7
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/adrum-4.5.0.773.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: application/javascript
Content-Length: 20241
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/segment-index-3335.js.download
157.7.107.140 200 OK 23 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/segment-index-3335.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4ee49787cea612b666e0ab473a6921cb
7fdd8f4a988e8b0a7896c875ea0f6c64a1b1050c
ad3a69257fc986b8eaa1d7bc686daa7003f2cd199a3a7ac3b57048f2585d5946
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/segment-index-3335.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: application/javascript
Content-Length: 22766
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
cdn.ek.aero/downloads/ek/icons/fonts/iconography.woff
104.110.0.243 206 Partial Content 4.1 kB URL HTTP/2 cdn.ek.aero/downloads/ek/icons/fonts/iconography.woff
IP 104.110.0.243:0
Hash 39c820eb537301de73abce2261767b64
aefa473d2af0c8d9ffa3eac61c9eff592e44ddcc
8ac653d4a1bb2ea8462ea18e9e470a58dbbcabf14a17283c771e2e09fd8496c8
GET /downloads/ek/icons/fonts/iconography.woff HTTP/1.1
Host: cdn.ek.aero
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=75976-
If-Range: "c1be60cd52efa4c71e556f11de10d82d:1513234538"
TE: trailers
HTTP/2 206 Partial Content
accept-ranges: bytes
etag: "c1be60cd52efa4c71e556f11de10d82d:1513234538"
last-modified: Thu, 14 Dec 2017 06:55:38 GMT
server: AkamaiNetStorage
date: Fri, 09 Sep 2022 15:51:14 GMT
content-range: bytes 75976-80047/80048
content-length: 4072
content-type: application/font-woff
X-Firefox-Spdy: h2
api.boxever.com/v1.2/boxever-min.js?client_key=ekb7q5q7htudvxjat3zmeuv2qjus0z6w
34.240.66.35 401 Unauthorized 0 B URL HTTP/1.1 api.boxever.com/v1.2/boxever-min.js?client_key=ekb7q5q7htudvxjat3zmeuv2qjus0z6w
IP 34.240.66.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1.2/boxever-min.js?client_key=ekb7q5q7htudvxjat3zmeuv2qjus0z6w HTTP/1.1
Host: api.boxever.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
Content-Type: text/plain; charset=utf-8
X-Robots-Tag: noindex
Content-Length: 0
Connection: keep-alive
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/ld.js.download
157.7.107.140 200 OK 9.1 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/ld.js.download
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type C source, ASCII text, with very long lines (30338), with no line terminators
Hash 02e7bf38d192eb7d6fdd9d90e627acc6
ec4900b0b97a4ff12ac86548e7419d8e0daab01d
1239f4163d486affc7b9886a74bef9af598498348d0b4c857619716e10182a47
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/ld.js.download HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: application/javascript
Content-Length: 9089
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Inline_Logo_global_tcm233-4096794.svg
157.7.107.140 200 OK 2.1 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Inline_Logo_global_tcm233-4096794.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 06f083c7c7112e528e4d690a4dad92ac
b393f84f7e770a518b8d3f479ff90fb57bcfdff9
a5bf2fd7005dcbd3fbfe889735b53f679657b150c55cab3b605ad9a26ef20e4c
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Inline_Logo_global_tcm233-4096794.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: image/svg+xml
Content-Length: 2070
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/s3_ligne_0000.png
157.7.107.140 200 OK 172 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/s3_ligne_0000.png
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 749 x 5, 8-bit/color RGB, non-interlaced\012- data
Hash f4b2a9d72b89784cb7c733543419cac6
64f03102a25d1be75f351ceb3e3c37b82c966104
b9bb03d909ae2a1f0c0a4991654c3d964f46c687f4fa06138002264ebbca089e
GET /ue/retailresearch.emirates.claim.gift-cards/s3_ligne_0000.png HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: image/png
Content-Length: 172
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 15 Jul 2018 18:48:00 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/s3_ligne.png
157.7.107.140 200 OK 172 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/s3_ligne.png
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 749 x 5, 8-bit/color RGB, non-interlaced\012- data
Hash f4b2a9d72b89784cb7c733543419cac6
64f03102a25d1be75f351ceb3e3c37b82c966104
b9bb03d909ae2a1f0c0a4991654c3d964f46c687f4fa06138002264ebbca089e
GET /ue/retailresearch.emirates.claim.gift-cards/s3_ligne.png HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: image/png
Content-Length: 172
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 15 Jul 2018 18:48:00 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/transparent_white_1X1.png
157.7.107.140 200 OK 68 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/transparent_white_1X1.png
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash aaaf049e1f1c0e455850ca51aab70485
5f8e845ffced12819513762ad5fbc834284290f6
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/transparent_white_1X1.png HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: image/png
Content-Length: 68
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/light-1021_tcm233-4341670.png
157.7.107.140 200 OK 151 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/light-1021_tcm233-4341670.png
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 1020 x 497, 8-bit gray+alpha, non-interlaced\012- data
Size 151 kB (150927 bytes)
Hash 6a184729e671dfdbf36296ecc1171c83
f51907a03f997fe62f496c2ff60b39f4f250f0ac
1628ddd94630dcd5b1ca4085c3ee4efcefed8436c5ae07883e4d05aa142b85ff
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/light-1021_tcm233-4341670.png HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/saved_resource.html
157.7.107.140 200 OK 351 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/saved_resource.html
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (468)
Hash 7f2a0c699e43ddb0c1bfdd4a0f7f8789
7acddcdbfffd3a3c33a1f7ddc80c5fe989e74fb2
8126b65c23a63afef48ef1d09486f2d39e6f561ae996f2a77fabf363137e3ca4
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/saved_resource.html HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
Cookie: _qst_s=1; _qsst_s=1662738664280
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: text/html
Content-Length: 351
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 863f9f9778e13dd2f0c5a0ba852e540b
c13ea25e5880f470779277906d32caec83ad146e
727713f0f68b972669ca2cea3b6d26b0c26ec56a778d4aebd29ec4fc84983fc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1023
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:15 GMT
Last-Modified: Fri, 09 Sep 2022 15:34:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_GLOBAL&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_EN
185.184.8.90 302 Found 0 B URL HTTP/2 creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_GLOBAL&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_EN
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_GLOBAL&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_EN HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Sep 2022 15:51:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=M0QfXsHBf8AQWLXeNi03;Path=/;Domain=.creativecdn.com;Expires=Sat, 09-Sep-2023 15:51:15 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1662738675;Path=/;Domain=.creativecdn.com;Expires=Sat, 09-Sep-2023 15:51:15 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_GLOBAL&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_EN&tc=1
content-length: 0
X-Firefox-Spdy: h2
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Apple_EN_tcm233-4143604.svg
157.7.107.140 200 OK 4.6 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Apple_EN_tcm233-4143604.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e3b52d4e2ff30361422e637ff90599e5
73b98bb880bf9bfb5918ee9f1ca275907dda1cd1
5b6833b867ba36a2e9e902a130d791e3d5343dc50bb1e9c77a404af65c5107bc
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Apple_EN_tcm233-4143604.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 4647
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Google_EN_tcm233-4143606.svg
157.7.107.140 200 OK 3.5 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Google_EN_tcm233-4143606.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 0ab13026eb1e57d453e515161065dc47
515d40d28e7498f5a97d44352823a5e4af9eff99
47bedbe11b80b799f175bac0e4c55ffe2af6ca15166ae17e7191da9c81276b63
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Google_EN_tcm233-4143606.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 3523
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_GLOBAL&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_EN&tc=1
185.184.8.90 204 No Content 0 B URL HTTP/2 creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_GLOBAL&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_EN&tc=1
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_GLOBAL&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_EN&tc=1 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://macst.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
X-Firefox-Spdy: h2
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/emirates-logo-badge_tcm233-4139304.svg
157.7.107.140 200 OK 1.5 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/emirates-logo-badge_tcm233-4139304.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3539), with no line terminators
Hash e7ab2b9a5f4ced04740f2caa735a5e61
6b819f5194de7a2a16c2ed7e1211eb07ffcf0671
e69ba6d6ba3e305dfb021533c56f3535bc069ecc4210d112d8851817e7f937f4
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/emirates-logo-badge_tcm233-4139304.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 1513
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 0a1d9d97bc4fe6f2be5a172eb59108a0
96b8274c71a8de19563795a864ecd78f77fee928
9b5d1ff868612534d782a697ee1cc61bad40a0b8d0667ba96d735b5216bcf604
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1991
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:15 GMT
Last-Modified: Fri, 09 Sep 2022 15:18:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/emirates-logo-badge_tcm233-4139303.svg
157.7.107.140 200 OK 1.5 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/emirates-logo-badge_tcm233-4139303.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3539), with no line terminators
Hash e7ab2b9a5f4ced04740f2caa735a5e61
6b819f5194de7a2a16c2ed7e1211eb07ffcf0671
e69ba6d6ba3e305dfb021533c56f3535bc069ecc4210d112d8851817e7f937f4
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/emirates-logo-badge_tcm233-4139303.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 1513
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/facebook.svg
157.7.107.140 200 OK 573 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/facebook.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1eb3f3470cedf13312432e9a04ac88c1
a6df7331db89c5648806d9290c0d81c3bd6b8a03
026160728588df0cdeea6861b7ee64b9a9676cd17217404cf10dedffde644df8
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/facebook.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 573
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/CoinsOnair_WIFI_355x184_tcm233-4137221.png
157.7.107.140 200 OK 99 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/CoinsOnair_WIFI_355x184_tcm233-4137221.png
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type PNG image data, 355 x 184, 8-bit/color RGBA, non-interlaced\012- data
Hash 26c4e2d181cd7a1cb179575d2b1add67
3ade379000adcfada0f0672bd8f8a9ed83079683
c9db5be6eb59d90b9b9de1bb3c553fe7e301b257d1df9939bc48e2a5a4c8533f
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/CoinsOnair_WIFI_355x184_tcm233-4137221.png HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2643953ac6f24284e845df184732a642
e20b4b5d95f9c308da785b4d257c376c3fd02dd1
2e6683394b2d64cb86c7639d069a6ffea2afae903e1eb11de9cfb1a7126e42a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E6683394B2D64CB86C7639D069A6FFEA2AFAE903E1EB11DE9CFB1A7126E42A9"
Last-Modified: Fri, 09 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Sep 2022 21:51:15 GMT
Date: Fri, 09 Sep 2022 15:51:15 GMT
Connection: keep-alive
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/twitter.svg
157.7.107.140 200 OK 884 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/twitter.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash a25ee01a7539412952042024a185c4ec
afa8809a33e095fe3620d24c973d29f43bdb8873
b64b6ec0640a39df2854dc252f278295759c8ec1feeaea9255d9317022b79402
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/twitter.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 884
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/youtube.svg
157.7.107.140 200 OK 720 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/youtube.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash d1ae7e44eb89646e7469c5f7795e9f3f
9617b8d8fb13da36d15ab792e5982f5201f735d6
53b3f114675207adc5b8dd09348f21307edfbb51fd198f87f74dd20a35b924ae
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/youtube.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 720
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/linkedin.svg
157.7.107.140 200 OK 669 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/linkedin.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 4181512f68adc949d8ee576bc6f8a3e7
7d591bc9eed848a57e7d6d364d39e7a37988e90e
9e3c0e528d4ef8643aa086ea62d9098dd38ea8038d1f9170df3e7413104a30b1
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/linkedin.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 669
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/instagram.svg
157.7.107.140 200 OK 1.5 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/instagram.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash bb9841719a26b4ee71ed3293f29ebb10
27e4b3b21caf4cd0caa23b5affc3ce15ac7eab92
670281f76677cca08b38f0e6bf33ba5cfa7dec6d61904caa20e6099f96a75487
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/instagram.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 1509
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:22 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Apex_Badge_EN_tcm233-5456919.svg
157.7.107.140 200 OK 4.8 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Apex_Badge_EN_tcm233-5456919.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5b4c26ad84145ad10f708816c4728f69
cb4e75205194040fb0c631491817d59092b8a24e
87bae0d13fd9bdd53b2e0fedae81160ac2b9ff55bce167687c2051c673f8751d
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/Apex_Badge_EN_tcm233-5456919.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 4787
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/tripadvisor-badge_tcm233-4231455.svg
157.7.107.140 200 OK 8.0 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/tripadvisor-badge_tcm233-4231455.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d86188adb3e3ef2198709067087176ee
b14f31acd818b752d3696b0bd46d56580245334c
9ce29f24cef1b70644139e825cd2d2488bf0e96840c182175286e287c3526979
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/tripadvisor-badge_tcm233-4231455.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 8047
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 314 B IP 93.184.220.29:0
Hash 92f8aba7c01c0c6bdd0d19a1ed19f727
d87562dfbe5169143d59037918acff1178959439
aa7248a08aee7cc8945589619c61178cd97b035ffb58524b90e24d5801379d26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2001
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:15 GMT
Last-Modified: Fri, 09 Sep 2022 15:17:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 314
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/skytrax_badge_2019_tcm233-4231454.svg
157.7.107.140 200 OK 7.4 kB URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/skytrax_badge_2019_tcm233-4231454.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (985)
Hash 1b560346f100a9f987dae8c380b9a777
01b34709633bd812581de9ab9500405722e55915
906af30488dedb4bf44a5d60485a6be6db14d4e3daa516630ef26d2319b40606
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/skytrax_badge_2019_tcm233-4231454.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: image/svg+xml
Content-Length: 7361
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip
gum.criteo.com/syncframe?topUrl=macst.cc
178.250.2.146 200 OK 5.0 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=macst.cc
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13316)
Hash 181c25894e51d690724137e6ef8c8edb
cdd752d270f4b063b042e6ddbd3d0d7a33a15b2f
8fa0090c8a85ec34d05870f6b3ffd5e913fa64c00df8a3be9329e87e26a4877b
GET /syncframe?topUrl=macst.cc HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 15:51:14 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=b3341fde-bf62-407d-b957-46f67a003ad6; expires=Wed, 04 Oct 2023 15:51:15 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 484247
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/0
157.7.107.140 200 OK 0 B URL HTTP/1.1 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/0
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/0 HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
HTTP/1.1 200 OK
Date: Fri, 09 Sep 2022 15:51:15 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Server: Apache
Last-Modified: Sun, 17 Nov 2019 05:03:24 GMT
Accept-Ranges: none
Vary: Range
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 9d47c8d54152f25ad63c99b8c791fd51
429fb525ae79b819a40dcd3179a2b884a105cc37
7630ec788a0b411fc02fe2483720dbbce7abbd033db5d33ac3c56a25fb7f2d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5918
Cache-Control: max-age=99797
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:15 GMT
Etag: "631a2caa-139"
Expires: Sat, 10 Sep 2022 19:34:32 GMT
Last-Modified: Thu, 08 Sep 2022 17:55:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 9d47c8d54152f25ad63c99b8c791fd51
429fb525ae79b819a40dcd3179a2b884a105cc37
7630ec788a0b411fc02fe2483720dbbce7abbd033db5d33ac3c56a25fb7f2d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5918
Cache-Control: max-age=99797
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:15 GMT
Etag: "631a2caa-139"
Expires: Sat, 10 Sep 2022 19:34:32 GMT
Last-Modified: Thu, 08 Sep 2022 17:55:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
www.emirates.com/apple-touch-icon.png
104.110.0.243 200 OK 3.3 kB URL HTTP/2 www.emirates.com/apple-touch-icon.png
IP 104.110.0.243:0
File type PNG image data, 60 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 89f511ea6e9b364d0c2b5d96d7f25ec2
5aa14c768a4efa9766fe4c145f97d3acfac9d240
d8c027501a396d51d72d3a4a2df090d7c9abe928a093bd3933394621071077af
GET /apple-touch-icon.png HTTP/1.1
Host: www.emirates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3305
last-modified: Sun, 14 Mar 2021 02:01:40 GMT
accept-ranges: bytes
etag: "de2069f97518d71:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
date: Fri, 09 Sep 2022 15:51:15 GMT
x-ek-edgecache: true
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
www.emirates.com/favicon.ico
104.110.0.243 200 OK 8.4 kB URL HTTP/2 www.emirates.com/favicon.ico
IP 104.110.0.243:0
File type MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Hash 557da9e1bd991e23ad225bd74c0d11c3
9dbc8d290989f0dc86b483f316788c08f4fd47ca
985829e36de39448697d796f80d4ce99eb492f16f7afb2ce84a5a3d171105213
GET /favicon.ico HTTP/1.1
Host: www.emirates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 8380
last-modified: Sun, 14 Mar 2021 02:01:40 GMT
accept-ranges: bytes
etag: "5eed8cf97518d71:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
date: Fri, 09 Sep 2022 15:51:15 GMT
x-ek-edgecache: true
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200 200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11367
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 17:32:37 GMT
Accept-Ranges: bytes
ETag: "80a8697a8a2d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=0642D46C93F26FE4328EC67692A56E01; domain=.bing.com; expires=Wed, 04-Oct-2023 15:51:15 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: B6E6366AFBD8469BB1134C6EFDF81964 Ref B: OSL30EDGE0414 Ref C: 2022-09-09T15:51:15Z
Date: Fri, 09 Sep 2022 15:51:15 GMT
macst.cc/resources/b65b7e9def1619f2665ade3d0c6e96
157.7.107.140 404 Not Found 19 kB URL HTTP/2 macst.cc/resources/b65b7e9def1619f2665ade3d0c6e96
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
Hash 8f001e73da29fb14d56eb6f3e225f9cb
a69c204e7f2a3a6a99184308ea37f01cdd5dc969
4a426ba78361f4777062d47ff4104c72eab114707d1154e3a7eaf49464bd0750
Analyzer Verdict Alert fortinet Phishing
POST /resources/b65b7e9def1619f2665ade3d0c6e96 HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1041
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 09 Sep 2022 15:51:15 GMT
content-type: text/html
content-length: 19268
server: Apache
last-modified: Tue, 25 Jan 2022 06:58:09 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
bat.bing.com/p/action/5711176.js
204.79.197.200 200 OK 666 B URL HTTP/2 bat.bing.com/p/action/5711176.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash dcaf27cad31faf135a0bdad92937fd65
a12934ab7d20d4de784b1e8900964e61174b62b3
69026f869ad02a8cbf2c9ae6283675a0cd73f984f88dfbad4c16dd6bdca1bbcf
GET /p/action/5711176.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 666
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=2145E35BDCAB6F7C26D3F141DD5E6EAA; domain=.bing.com; expires=Wed, 04-Oct-2023 15:51:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 14DAAEC3EE914B439EA21B2B61A0740E Ref B: OSL30EDGE0206 Ref C: 2022-09-09T15:51:15Z
date: Fri, 09 Sep 2022 15:51:15 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5711176&Ver=2&mid=3c935454-4604-4934-8694-edada12d3d6a&sid=3796f2d0305711ed9d4b97914176a608&vid=3796fed0305711edb87ea54f5af34104&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Customer%20Satisfaction%20Survey%7C%20Emirates&p=http%3A%2F%2Fmacst.cc%2Fue%2Fretailresearch.emirates.claim.gift-cards%2Fs5.html&r=&lt=3154&evt=pageLoad&sv=1&rn=516675
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5711176&Ver=2&mid=3c935454-4604-4934-8694-edada12d3d6a&sid=3796f2d0305711ed9d4b97914176a608&vid=3796fed0305711edb87ea54f5af34104&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Customer%20Satisfaction%20Survey%7C%20Emirates&p=http%3A%2F%2Fmacst.cc%2Fue%2Fretailresearch.emirates.claim.gift-cards%2Fs5.html&r=&lt=3154&evt=pageLoad&sv=1&rn=516675
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5711176&Ver=2&mid=3c935454-4604-4934-8694-edada12d3d6a&sid=3796f2d0305711ed9d4b97914176a608&vid=3796fed0305711edb87ea54f5af34104&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Customer%20Satisfaction%20Survey%7C%20Emirates&p=http%3A%2F%2Fmacst.cc%2Fue%2Fretailresearch.emirates.claim.gift-cards%2Fs5.html&r=&lt=3154&evt=pageLoad&sv=1&rn=516675 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0B289D289FA56C1425CA8F329E506DFB; domain=.bing.com; expires=Wed, 04-Oct-2023 15:51:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 221A2561816E43DCB4CC9ED0D3041AC5 Ref B: OSL30EDGE0206 Ref C: 2022-09-09T15:51:15Z
date: Fri, 09 Sep 2022 15:51:15 GMT
X-Firefox-Spdy: h2
creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet
185.184.8.90 302 Found 0 B URL HTTP/2 creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 09 Sep 2022 15:51:16 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=KJHe6OYhPzUA82oI9DSE;Path=/;Domain=.creativecdn.com;Expires=Sat, 09-Sep-2023 15:51:16 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1662738676;Path=/;Domain=.creativecdn.com;Expires=Sat, 09-Sep-2023 15:51:16 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet&tc=1
content-length: 0
X-Firefox-Spdy: h2
cdn.appdynamics.com/adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js
143.204.55.51 200 OK 20 kB URL HTTP/1.1 cdn.appdynamics.com/adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js
IP 143.204.55.51:0
File type ASCII text, with very long lines (563)
Hash 308d623529f926fea898b8ff10b7fffb
9012e2d607412d91477e7fc9f119478497c12756
085c219edce91818fa1f48899cb8389ae020850bda9d3fe680e4b163dc90f570
GET /adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.16.1
Last-Modified: Mon, 14 May 2018 17:55:05 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin: *
Content-Encoding: gzip
Date: Mon, 22 Aug 2022 06:39:26 GMT
Cache-Control: public, max-age=2678400, s-max-age=14400
ETag: W/"5af9cd79-c81b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0h3bCPEoAFg7b7k5FcM_9fSmk98l_ytncW9SpCWNHUNjOh6RlwAGqw==
Age: 1588310
creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet&tc=1
185.184.8.90 204 No Content 0 B URL HTTP/2 creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet&tc=1
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet&tc=1 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://macst.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/5711176
40.90.65.32 200 OK 25 kB URL HTTP/2 www.clarity.ms/tag/uet/5711176
IP 40.90.65.32:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash c3acb5ea4e0f497941607b55ef296c9a
017d04d8010d3f3dde37e612c7c040c5a1885bcc
9e2c725feda44fc5c06dcb34aa7ab91badf7996d26efaab922c3647370e3f70f
GET /tag/uet/5711176 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=43d2d3a629d640dea37640a247baacc0.20220909.20230909; expires=Sat, 09 Sep 2023 15:51:16 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 09GAbYwAAAACwgNEVg5b0SIRwSm1C4ushTVVDMzBFREdFMDYyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 09 Sep 2022 15:51:15 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ddcebb69c7b9fd5f05b8d7e91c2a1149
136be070e2f8d2eb3eedd332e5112a7e58888cba
3476b8974986d82f00256a513714ed1a7e84e26bce65e1f254b233cbb52d6ccf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 419
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 15:51:16 GMT
Last-Modified: Fri, 09 Sep 2022 15:44:18 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
dnacdn.net/dna
178.250.2.146 200 OK 447 B IP 178.250.2.146:0
Hash c4aee0e77bc29a47c65ea7b56a0e5a73
9322dd927d692fbf7ab308e1422a8c486e2d74e3
034a49019fb49dee5a4ce9c8cafebca9732929c40a311d5185a491346d88f1d7
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=u7g4WF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czlpQzNCdk11c2ViNUxkOEtSWTJna28lMkZ6Qk8lMkJIM1JkbmUzRmRYejJuYyUyQmU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Sep 2022 15:51:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=ZcK2V180M0RITmhlJTJCZkMwOUJGQlhaMUN2czlpQzNCdk11c2ViNUxkOEtSWTJna3FsNGVndkdXQ01pZlVQdUZvUng2RzQ; expires=Wed, 04 Oct 2023 15:51:16 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 333069
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=E58DAF995FBB412A887C857681CCD196&RedC=c.clarity.ms&MXFR=2F4BB08709F7698B2E00A29D0DF767A4
204.79.197.200 302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=E58DAF995FBB412A887C857681CCD196&RedC=c.clarity.ms&MXFR=2F4BB08709F7698B2E00A29D0DF767A4
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=E58DAF995FBB412A887C857681CCD196&RedC=c.clarity.ms&MXFR=2F4BB08709F7698B2E00A29D0DF767A4 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://macst.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=E58DAF995FBB412A887C857681CCD196&MUID=3C64D084D7786F961471C29ED68D6E3E
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=3C64D084D7786F961471C29ED68D6E3E; domain=c.bing.com; expires=Wed, 04-Oct-2023 15:51:16 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0ADBC7AF24A24CDCAF2C6571CD169DC7 Ref B: OSL30EDGE0206 Ref C: 2022-09-09T15:51:16Z
date: Fri, 09 Sep 2022 15:51:16 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=E58DAF995FBB412A887C857681CCD196&MUID=3C64D084D7786F961471C29ED68D6E3E
20.234.93.27 200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=E58DAF995FBB412A887C857681CCD196&MUID=3C64D084D7786F961471C29ED68D6E3E
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=E58DAF995FBB412A887C857681CCD196&MUID=3C64D084D7786F961471C29ED68D6E3E HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://macst.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Wed, 17 Aug 2022 23:56:46 GMT
accept-ranges: bytes
etag: "de363c295b2d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 09-Sep-2022 16:01:16 GMT; path=/; SameSite=None; Secure;
date: Fri, 09 Sep 2022 15:51:16 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255 204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1208
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://macst.cc
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Fri, 09 Sep 2022 15:51:16 GMT
X-Firefox-Spdy: h2
bat.bing.com/actionp/0?ti=5711176&Ver=2&mid=3c935454-4604-4934-8694-edada12d3d6a&sid=3796f2d0305711ed9d4b97914176a608&vid=3796fed0305711edb87ea54f5af34104&vids=1&msclkid=N&evt=dedup
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/actionp/0?ti=5711176&Ver=2&mid=3c935454-4604-4934-8694-edada12d3d6a&sid=3796f2d0305711ed9d4b97914176a608&vid=3796fed0305711edb87ea54f5af34104&vids=1&msclkid=N&evt=dedup
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /actionp/0?ti=5711176&Ver=2&mid=3c935454-4604-4934-8694-edada12d3d6a&sid=3796f2d0305711ed9d4b97914176a608&vid=3796fed0305711edb87ea54f5af34104&vids=1&msclkid=N&evt=dedup HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=29347FABFB316F0E13A26DB1FAC46E2D; domain=.bing.com; expires=Wed, 04-Oct-2023 15:51:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4F6B2BA8CBFC4D86A13D7A0B8E28E285 Ref B: OSL30EDGE0206 Ref C: 2022-09-09T15:51:17Z
date: Fri, 09 Sep 2022 15:51:16 GMT
X-Firefox-Spdy: h2
fra-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/EC-AAB-BFE/adrum
52.59.18.140 200 OK 0 B URL HTTP/1.1 fra-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/EC-AAB-BFE/adrum
IP 52.59.18.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /eumcollector/beacons/browser/v1/EC-AAB-BFE/adrum HTTP/1.1
Host: fra-col.eum-appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 18341
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
content-type: text/html
date: Fri, 09 Sep 2022 15:51:17 GMT
expires: 0
pragma: no-cache
server: envoy
vary: *
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
Content-Length: 0
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7d3752fb9bfaa323218e5a7b93aa5c6
08b4d519a099b04a9f1515377d02e51575f3321f
fa33f2240aea7395b0be62683743523beb1f0f11cb390f4d532e3474610a812c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94f950b-af66-4803-868a-b00031195100.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7646
x-amzn-requestid: 1f48393e-8665-4591-a2a6-07953a68bb16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEaGTGwdIAMF47A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63180a28-1116d4bf11e2133503ac1429;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 03:04:08 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: S1y8if_u-ZqeKT0Wx9eyOaKNOmhcaydzfxwQeBQ-hArLtQG6ckJ8EQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 03:38:26 GMT
age: 43974
etag: "08b4d519a099b04a9f1515377d02e51575f3321f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
macst.cc/TealeafTarget.aspx
157.7.107.140 404 Not Found 19 kB URL HTTP/1.1 macst.cc/TealeafTarget.aspx
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315)
Hash 445d3af6844c2f665d720d259eae018b
a620414ae1b949396fd3f9ccefa11cca910c4eef
cdaf289919b2096b4c936a3e249bba227791b88ae4417467fa54585c799394b4
Analyzer Verdict Alert fortinet Phishing
POST /TealeafTarget.aspx HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-Type: application/json
X-Tealeaf: device (UIC) Lib/5.1.0.1731
X-TealeafType: GUI
X-TeaLeaf-Page-Url: /ue/retailresearch.emirates.claim.gift-cards/s5.html
X-Tealeaf-MessageTypes: 1,2,7
ADRUM: isAjax:true
Content-Length: 1890
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/s5.html
Cookie: _qst_s=1; _qsst_s=1662738664280; cto_lwid=7da0cafd-cf4b-4561-9851-2c12bd0c94b4; _uetsid=3796f2d0305711ed9d4b97914176a608; _uetvid=3796fed0305711edb87ea54f5af34104; _clck=1cu78fp|1|f4q|0; cto_bundle=mArzY19uVHhHJTJGbUc4OW4zcXlPd0hoSzdpNXc1U2g2SDlXdnRWeEdOMHFtSlV2WkJWMTFUVTB5MCUyRk55YSUyRkthTHE5bnk0VCUyQmhSNnBueTN2N0E3RGhrTVViUE9FbFlwJTJGYlVtelFPd0p5dCUyRnlLSXhnd3VoblFlb3F3JTJCeGh2Q0hmZmZ6a1BE; _clsk=vivxat|1662738668169|1|0|b.clarity.ms/collect
HTTP/1.1 404 Not Found
Date: Fri, 09 Sep 2022 15:51:21 GMT
Content-Type: text/html
Content-Length: 19268
Connection: keep-alive
Server: Apache
Last-Modified: Tue, 25 Jan 2022 06:58:09 GMT
Accept-Ranges: bytes
macst.cc/resources/b65b7e9def1619f2665ade3d0c6e96
157.7.107.140 404 Not Found 0 B URL HTTP/2 macst.cc/resources/b65b7e9def1619f2665ade3d0c6e96
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
POST /resources/b65b7e9def1619f2665ade3d0c6e96 HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 971
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 09 Sep 2022 15:51:15 GMT
content-type: text/html
content-length: 19268
server: Apache
last-modified: Tue, 25 Jan 2022 06:58:09 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
macst.cc/system/shared/Images/globalnavigation/icons/external_link.svg
157.7.107.140 404 Not Found 0 B URL HTTP/1.1 macst.cc/system/shared/Images/globalnavigation/icons/external_link.svg
IP 157.7.107.140:0
ASN #7506 GMO Internet,Inc
Analyzer Verdict Alert fortinet Phishing
GET /system/shared/Images/globalnavigation/icons/external_link.svg HTTP/1.1
Host: macst.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Manage%20your%20booking%20_%20Emirates_files/global-navigation-v3.css
Cookie: _qst_s=1; _qsst_s=1662738664280
HTTP/1.1 404 Not Found
Date: Fri, 09 Sep 2022 15:51:14 GMT
Content-Type: text/html
Content-Length: 19268
Connection: keep-alive
Server: Apache
Last-Modified: Tue, 25 Jan 2022 06:58:09 GMT
Accept-Ranges: bytes
ag.gbc.criteo.com/newidsd
185.235.84.69 200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.69:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 15:51:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 64393
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.134 200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.134:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 09 Sep 2022 15:51:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 92813
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.appdynamics.com/adrum-xd.f1b9622831c5f758b69f8c4fafbe9659.html
143.204.55.51 200 OK 0 B URL HTTP/2 cdn.appdynamics.com/adrum-xd.f1b9622831c5f758b69f8c4fafbe9659.html
IP 143.204.55.51:0
GET /adrum-xd.f1b9622831c5f758b69f8c4fafbe9659.html HTTP/1.1
Host: cdn.appdynamics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
date: Wed, 24 Aug 2022 00:43:04 GMT
server: nginx/1.16.1
last-modified: Mon, 14 May 2018 17:55:19 GMT
etag: W/"5af9cd87-7e2"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LgX_vyYUajhfhBxCn1bqZRR2SUjUwX9FYGSVGYyiE5qGhX0LipuDaQ==
age: 1436892
X-Firefox-Spdy: h2