Overview

URL macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html
IP157.7.107.140
ASNGMO Internet,Inc
Location Japan
Report completed2022-09-20 11:39:46 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/gtm.js Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/ope (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/res (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/ini (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/pla (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/gtm (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/tags.js Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/tea (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/uvb (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/522 (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/dis (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/yah (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/cp-v3.js Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/sma (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/jso (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/fbe (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/box (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/ana (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/a Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/pre (...) Phishing
2022-09-20 2 macst.cc/system/shared/Images/globalnavigation/icons/external_link.svg Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/glo (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/res (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/eol (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/ico (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/cf0 (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/adr (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/elu (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/ld.js Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/Inl (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/fac (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/twi (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/you (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/lin (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/ins (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/Ape (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/tri (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/sky (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/App (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/emi (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/emi (...) Phishing
2022-09-20 2 macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/Goo (...) Phishing
2022-09-20 2 macst.cc/TealeafTarget.aspx Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (31)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-20 09:38:21 UTC 216.58.211.10
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-20 04:46:53 UTC 34.120.237.76
mnemonic passive DNS c.clarity.ms (2) 803 2021-02-03 23:22:47 UTC 2022-09-20 08:29:03 UTC 20.234.93.27
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-20 04:47:04 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-09-20 04:47:45 UTC 142.250.74.3
mnemonic passive DNS api.boxever.com (2) 40039 2013-02-02 10:35:32 UTC 2022-09-20 05:20:20 UTC 34.254.2.123
mnemonic passive DNS dnacdn.net (2) 3760 2019-09-02 15:07:45 UTC 2022-09-20 06:37:54 UTC 178.250.2.146
mnemonic passive DNS ag.gbc.criteo.com (1) 5925 2018-12-17 13:17:41 UTC 2022-09-20 05:25:10 UTC 185.235.84.114
mnemonic passive DNS gem.gbc.criteo.com (1) 6039 2019-02-06 06:21:41 UTC 2022-09-20 05:25:10 UTC 178.250.6.69
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-20 05:19:24 UTC 143.204.55.49
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
mnemonic passive DNS bat.bing.com (3) 387 2014-04-08 09:23:16 UTC 2022-09-20 08:29:02 UTC 13.107.21.200
mnemonic passive DNS creativecdn.com (2) 201462 2012-06-18 13:42:08 UTC 2022-09-20 04:49:51 UTC 185.184.8.90
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-20 04:47:05 UTC 23.36.77.32
mnemonic passive DNS macst.cc (51) 0 2020-03-20 06:10:55 UTC 2022-09-20 11:35:01 UTC 157.7.107.140 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-20 05:36:22 UTC 52.35.74.102
mnemonic passive DNS www.clarity.ms (2) 1404 2018-08-22 07:41:57 UTC 2022-09-20 04:49:03 UTC 104.212.67.252
mnemonic passive DNS www.googletagmanager.com (2) 75 2012-12-25 14:52:06 UTC 2022-09-20 04:46:55 UTC 142.250.74.72
mnemonic passive DNS tags.emirates.com (14) 653781 2019-03-18 07:27:14 UTC 2022-09-20 08:02:11 UTC 185.32.241.65
mnemonic passive DNS b.clarity.ms (2) 3462 2021-07-27 12:49:08 UTC 2022-09-20 08:29:03 UTC 20.75.32.255
mnemonic passive DNS cdn.ek.aero (13) 152260 2013-10-10 18:37:53 UTC 2022-09-20 08:02:23 UTC 104.110.0.243
mnemonic passive DNS d1m54pdnjzjnhe.cloudfront.net (1) 0 2021-07-14 01:30:06 UTC 2022-09-20 11:04:39 UTC 143.204.42.201 Unknown ranking
mnemonic passive DNS cdn.appdynamics.com (2) 3266 2019-06-22 12:44:40 UTC 2022-09-19 18:29:00 UTC 143.204.55.129
mnemonic passive DNS fra-col.eum-appdynamics.com (2) 26185 2018-03-29 10:34:49 UTC 2022-09-20 04:59:52 UTC 52.59.18.140
mnemonic passive DNS dm9utgtmys7csgpspljyucnduve5p7ngn2tcroba73f79de26c1d6a2fam1.e.aa.online-metrix.net (1) 0 No data No data 91.235.134.131 Domain (online-metrix.net) ranked at: 1982
mnemonic passive DNS ocsp.digicert.com (14) 86 2012-05-21 07:02:23 UTC 2022-09-20 08:06:10 UTC 93.184.220.29
mnemonic passive DNS orca.qubitproducts.com (1) 71590 2013-09-05 00:47:34 UTC 2022-09-10 00:17:47 UTC 35.227.229.238
mnemonic passive DNS gum.criteo.com (1) 381 2015-01-22 10:58:57 UTC 2022-09-20 09:44:35 UTC 178.250.2.146
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-20 09:16:43 UTC 143.204.55.27
mnemonic passive DNS www.emirates.com (1) 74402 2012-06-02 03:45:48 UTC 2022-09-19 18:44:15 UTC 104.110.0.243
mnemonic passive DNS ocsp.securetrust.com (1) 18792 2019-12-23 03:05:54 UTC 2022-09-20 06:56:36 UTC 23.36.79.25


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 157.7.107.140

Date UQ / IDS / BL URL IP
2022-09-20 11:39:46 +0000
0 - 0 - 44 macst.cc/ue/retailresearch.emirates.claim.gif (...) 157.7.107.140
2022-09-15 12:17:52 +0000
0 - 0 - 1 www.gallerycafe-takeno2010.jp/pdf/concert_bp.zip 157.7.107.140
2022-09-15 12:17:52 +0000
0 - 0 - 1 www.gallerycafe-takeno2010.jp/pdf/reserve_she (...) 157.7.107.140
2022-09-15 12:17:51 +0000
0 - 0 - 1 www.gallerycafe-takeno2010.jp/pdf/reserve_reg (...) 157.7.107.140
2022-09-15 12:17:48 +0000
0 - 0 - 1 www.gallerycafe-takeno2010.jp/pdf/lesson_sheet.zip 157.7.107.140

Last 5 reports on ASN: GMO Internet,Inc

Date UQ / IDS / BL URL IP
2022-12-03 16:52:56 +0000
92 - 0 - 49 www.ddco.jp/d/usps/verification/ 157.7.144.5
2022-12-03 16:49:48 +0000
90 - 0 - 49 www.ddco.jp/d/usps/verification 157.7.144.5
2022-12-03 16:49:42 +0000
92 - 0 - 51 www.ddco.jp/d/usps/verification 157.7.144.5
2022-12-03 16:49:45 +0000
92 - 0 - 49 www.ddco.jp/d/usps/verification/ 157.7.144.5
2022-12-03 08:41:19 +0000
0 - 0 - 3 osaka-teizanbassyo.jp/ 157.7.144.5

Last 4 reports on domain: macst.cc

Date UQ / IDS / BL URL IP
2022-09-20 11:39:46 +0000
0 - 0 - 44 macst.cc/ue/retailresearch.emirates.claim.gif (...) 157.7.107.140
2022-09-09 15:51:23 +0000
0 - 0 - 53 macst.cc/ue/retailresearch.emirates.claim.gif (...) 157.7.107.140
2022-09-03 12:27:55 +0000
0 - 0 - 53 macst.cc/ue/retailresearch.emirates.claim.gif (...) 157.7.107.140
2022-09-01 08:29:26 +0000
0 - 0 - 48 macst.cc/ue/retailresearch.emirates.claim.gif (...) 157.7.107.140

No other reports with similar screenshot



JavaScript

Executed Scripts (63)


Executed Evals (13)

#1 JavaScript::Eval (size: 50, repeated: 1) - SHA256: 107abd1d4c412c9df04a22eea7a81d0ace815adf4ca7b8c2e3d6ea6c459423b5

                                        var eval_fn_2 = function(doc) {
    return doc.open();
};
                                    

#2 JavaScript::Eval (size: 832, repeated: 1) - SHA256: 92500821f7f8e651d3beaeaafe0a3ab673470f2cda53731894161b94de259f53

                                        (function() {
    urlVal = "http:\/\/macst.cc\/ue\/retailresearch.emirates.claim.gift-cards\/Subscribe.html";
    "" !== getqsByName("custemail") && (urlVal = urlVal.replace(getqsByName("custemail"), ""));
    "" !== getqsByName("lastname") && (urlVal = urlVal.replace(getqsByName("lastname"), ""));
    "" !== getqsByName("lastname2") && (urlVal = urlVal.replace(getqsByName("lastname2"), ""));
    "" !== getqsByName("bookref") && (urlVal = urlVal.replace(getqsByName("bookref"), ""));
    "" !== getqsByName("bookref2") && (urlVal = urlVal.replace(getqsByName("bookref2"), ""));
    "" !== getqsByName("sid") && (urlVal = urlVal.replace(getqsByName("sid"),
        ""));
    "" !== getqsByName("lname") && (urlVal = urlVal.replace(getqsByName("lname"), ""));
    "" !== getqsByName("fname") && (urlVal = urlVal.replace(getqsByName("fname"), ""));
    "" !== getqsByName("email") && (urlVal = urlVal.replace(getqsByName("email"), ""));
    return urlVal
})();
                                    

#3 JavaScript::Eval (size: 0, repeated: 1) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                    

#4 JavaScript::Eval (size: 422, repeated: 1) - SHA256: 69f4f3faf6b8edae420dca161d78acc05ef510a0d7d47a205e25c850d5714df1

                                        (function() {
    var deliverScript = document.createElement("script");
    // deliverScript.src = "//cdn.emirates.com/qubit-smartserve/smartserve-3335.js";
    deliverScript.src = "//cdn.ek.aero/qubit-smartserve/smartserve-3335.js";

    if (document.URL.indexOf('qb_testing') !== -1) {
        deliverScript.async = true;
    }

    document.getElementsByTagName("head")[0].appendChild(deliverScript);
}());
                                    

#5 JavaScript::Eval (size: 74, repeated: 1) - SHA256: 5825930e400f3c0b303a930b890dd589e3fefeb58b7a2819919a0bfbd43a958f

                                        var eval_fn_3 = function(element, value) {
    element.style.background = value;
};
                                    

#6 JavaScript::Eval (size: 366, repeated: 1) - SHA256: 2e605154cf0f6d72d908a2bb2c39362a96cccafea1c967956ca8f3a0e158ba5e

                                        (function() {
    for (var c = google_tag_manager["GTM-NVKM49"].macro(5), d = google_tag_manager["GTM-NVKM49"].macro(6), b = [
            ["EN", "US", "EN-US"],
            ["EN", "CA", "EN-US"],
            ["CN", "CN", "ZH-CN"],
            ["CN", "TW", "ZH-TW"],
            ["CN", "HK", "ZH-HK"],
            ["JP", "JP", "JA"],
            ["CZ", "CZ", "CS"],
            ["PT", "BR", "PT-BR"],
            ["PT", "PT", "PT-PT"]
        ], a = 0, e = b.length; a < e; a += 1)
        if (c === b[a][0] && d === b[a][1]) return b[a][2];
    return c
})();
                                    

#7 JavaScript::Eval (size: 4, repeated: 1) - SHA256: 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408

                                        this
                                    

#8 JavaScript::Eval (size: 462, repeated: 1) - SHA256: 7bbaf22761ec4c6b1c7e221f73e3728d9b258fefccbbeffbba5f80bc64261e40

                                        (function() {
    var host_nosubdomain = "macst.cc";
    host_nosubdomain = host_nosubdomain.replace(/([a-z0-9\-_]+\.)?((ek|emirates)\.)/ig, "$2");
    var linkRegx = new RegExp("^(http(s)?\\:\\/\\/)?((www|cdn|fly[0-9]+|flystaging[0-9]+|inspireme|content|staging(10|11)?|bausit|eol((ek|sso)?sit2?|(perf)?test|uat|dev2))\\.)?" + host_nosubdomain, "ig");
    var linkForTest = "".indexOf("tracking.aspx") > 0 ? "" : "";
    if (!linkForTest || linkForTest != "" && linkRegx.test(linkForTest)) return 1;
    return 0
})();
                                    

#9 JavaScript::Eval (size: 271, repeated: 1) - SHA256: ec9e46b1f87a3c2184b50e1d1c4bf6fda0ca56e913a3f58fa76692b3276408e9

                                        (function() {
    return "" !== google_tag_manager["GTM-NVKM49"].macro(1) ? "Booking : Incremental Value" : "" !== google_tag_manager["GTM-NVKM49"].macro(2) ? "Select Flight : Incremental Value" : "" !== google_tag_manager["GTM-NVKM49"].macro(3) ? "Review Itinerary : Incremental Value" : ""
})();
                                    

#10 JavaScript::Eval (size: 1, repeated: 1) - SHA256: 41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

                                        ;
                                    

#11 JavaScript::Eval (size: 61, repeated: 1) - SHA256: 4c7434541d1c4e35e47fa7017129597be4de29d8520f8d28324360e68ee147bb

                                        var eval_fn_1 = function(element, value) {
    element.src = value;
};
                                    

#12 JavaScript::Eval (size: 417, repeated: 1) - SHA256: c381a668680114649da70af92dc6c50ca49b82fd0e7ef59b178b591f82e38ca6

                                        (function() {
    var url = "//d1m54pdnjzjnhe.cloudfront.net/emirates/uvbuilder/uvbuilder.latest.min.js";
    if (document.cookie.indexOf("opentag_debug") > -1) {
        url = "//s3-eu-west-1.amazonaws.com/qubit-etc/emirates/uvbuilder/uvbuilder.dev.js";
    }
    var scrapper = document.createElement('script');
    scrapper.src = url;
    document.getElementsByTagName('head')[0].appendChild(scrapper);
})();
                                    

#13 JavaScript::Eval (size: 63, repeated: 1) - SHA256: b96807c1dbd317c4121b3c4de827e7744551038fd9e7a9e9d210d4c4c3792c36

                                        (function() {
    var a = "";
    a && "" !== a && "UK" == a && (a = "GB");
    return a
})();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 414, repeated: 1) - SHA256: b44f335f8a4b25bc8c458c3286c0659143f19ea2ad52aa889b804a767c149168

                                        < !DOCTYPE html > < html > < head > < script >
    var inDapIF = true; < /script></head > < body > < script >
    var google_tag_manager = parent.google_tag_manager; < /script><iframe src="https:/ / creativecdn.com / tags ? id = pr_9gxVkOMUoh87gMDR0mZb & amp;
ncm = 1 & amp;
id = pr_9gxVkOMUoh87gMDR0mZb_custom_market_ & amp;
id = pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet " width="
1 " height="
1 " scrolling="
no " frameborder="
0 " style="
display: none;
"></iframe></body></html>
                                    


HTTP Transactions (141)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 11:13:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FcXZM-9ggHjI8ua59zWRlKKkc0wywKsj4dXIaIcVOVa2qtFSvH1zwQ==
Age: 1587


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    99b7d23c1748d0526782b9ff9ea45f09
Sha1:   eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
Sha256: 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11345
Expires: Tue, 20 Sep 2022 14:48:39 GMT
Date: Tue, 20 Sep 2022 11:39:34 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fzvLcXZ7sSKXLOLZWeGIVGCMPSVuyv4B8qdGF6VU6nUkOVdM9KX90g==
age: 25461
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 20 Sep 2022 11:39:35 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe.html HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 20 Sep 2022 11:39:34 GMT
Content-Length: 28039
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 24 Mar 2021 02:29:16 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (56025), with CRLF line terminators
Size:   28039
Md5:    dd9e25f43c5cc170b1342997a8b23742
Sha1:   0ec9b3fea4e154cc837f4fe2cd5fde9468ff1748
Sha256: 01ddd21e657c853af5580870a2037cf409e4ea059b568495ee2e4e403472ad00

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 20 Sep 2022 11:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 20 Sep 2022 11:05:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ng26lJm0ZfiEtY-vA_tfmCHXaeSdbRlkLPdtcJNqV6iHMf_0WonUEA==
Age: 2173


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/emirates.css HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 11:39:35 GMT
Content-Length: 40775
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (62155), with CRLF line terminators
Size:   40775
Md5:    b5c9b997f1515752cd787edb050b797e
Sha1:   df0f7f08f34d8cdca58351336d961d4828614189
Sha256: 861998ba09bce2944f2352ceeae027c6c6b2f1fc1661ea4e8049521509409cd3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4499
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:35 GMT
Last-Modified: Tue, 20 Sep 2022 10:24:37 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/ek-webfonts.css HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 11:39:35 GMT
Content-Length: 1565
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3987), with CRLF line terminators
Size:   1565
Md5:    780aee70542340acfc5437b1ef363282
Sha1:   d06e51542b339423b063ece585011299bd4ceddd
Sha256: 200ec8061a92d943d0d4e1cd68fe7578f3e501a6621943922462d85ca0108f82
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/gtm.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1889)
Size:   84715
Md5:    a7e5896d8d4634953bbb25a57193e303
Sha1:   f78e331bf372dba13716409df1e90d3312da38e6
Sha256: a4deeee9cb0326f68b73ef6a75686289128d90d2a766657c4db607b45bcb3a7a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/global-navigation-v3.css HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 11:39:35 GMT
Content-Length: 40061
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65430), with CRLF line terminators
Size:   40061
Md5:    a3006196c59f5f87d44c0672b7f87006
Sha1:   e0f0de5c7513ec1921e1ae82df63ec1fcdd4a633
Sha256: 028c76bcb3b191fdb0ed56342108a14d1b936a1c8f48b148eb0782b30a04fc94
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/opentag-93989-1321710.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:35 GMT
Content-Length: 37166
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (602)
Size:   37166
Md5:    d36606afb2ee3439c63d7b55ceb5adf4
Sha1:   4ecae06cb50eec88e9f59e014404c94093eb7882
Sha256: c2529b925bc1bf9809fe749a3c489d6aff341d18c6d065b9ef4dcb7c20bec149

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/responsive-main.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:35 GMT
Content-Length: 38444
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32019), with CRLF, LF line terminators
Size:   38444
Md5:    574a05169f524a6ea16acce628a0e760
Sha1:   c61f483bc2a0320b5cd76911cee0d6a33de778a1
Sha256: 3e66e70d81bb0c245a576fc7ff414402a1e20714676171df81cdf8937d07ed0e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NWNT+hBrnfJhHx4ZbBQM9g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.35.74.102
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /RFVxEVBr3qFMSe40A58EIaCJGM=

                                        
                                            GET /css?family=Roboto+Condensed&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.211.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 20 Sep 2022 11:39:36 GMT
date: Tue, 20 Sep 2022 11:39:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1006
Md5:    a28f2592d3c1f1f4c6e7d777a97f39ab
Sha1:   0dbee2a223bd70e8e4979ca1a3b48841b591f9f1
Sha256: 3df5a30ddbf2b9808af92beab0649bbee0264366f87e7614ca902dece6bf2ada
                                        
                                            GET /misc/ip?cid=__ip&id=emirates&callback=__qubitIPCallBack HTTP/1.1 
Host: orca.qubitproducts.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/

                                         
                                         35.227.229.238
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=utf-8
                                        
Vary: Origin
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 72
Via: 1.1 google


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   72
Md5:    2e57a2a6019e4ba5c2d39a8b1ccb0230
Sha1:   41fed5ddaa0bf4011aba50425175bc5d7c0a12bd
Sha256: 0a8c95d659dcfd0b32bc6e3e5123e2c258eda1670cd46b5bda6101ec7cd58dc8
                                        
                                            GET /qubit-smartserve/smartserve-3335.js HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/

                                         
                                         104.110.0.243
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Content-Length: 23
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 11:39:36 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   23
Md5:    e174615ce001bb4249e86ad04286e500
Sha1:   fdc31163880a889fc940efcebf33b562d93cdcd4
Sha256: e8578594b131f30326510c32a70935b3407baf5ce26161a70c6803e58f8838e9
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/platinum-stretch.css HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 4927
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (29235), with CRLF line terminators
Size:   4927
Md5:    242055a9bb6116bf594898abb4e55907
Sha1:   e6c2e1fd3cff99c17cfbf9e8f360ce0c56122041
Sha256: fe9f75e27ecfb11afca1703110219ece06d657059e94ff7675f826f348658a7d
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/initialloadaccount.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 791
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (3235), with CRLF line terminators
Size:   791
Md5:    7823790f9a8531eafdf85aba98f4e612
Sha1:   071b7b5ac6da7cef519ca1e119f818c10a63864d
Sha256: b0c36afa6b662c65436e59b65e4772874bd75544218e7f44be97ed33309e866c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/platinum.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 1813
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (5884), with CRLF line terminators
Size:   1813
Md5:    7e29a93583ed5d8576ce114078179f83
Sha1:   1e8136a99f24e56a9a08ac140116d30f34bbe12a
Sha256: ca97ac71789c89e200a8ee995faec8a77ef2067284a36efe6c50056047b6a7fd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/ek-core.css HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 11:39:35 GMT
Content-Length: 26930
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (20198), with CRLF line terminators
Size:   26930
Md5:    7ffdf3a9556d48561c12f703af555c40
Sha1:   a6f32f1b614bff08978d8974694333fc84f591a9
Sha256: 392fa65f7b931ad79e7354205d6739d9e090acef07954c90662ee935ee073e80
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/gtmutilities.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 351
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1164), with CRLF line terminators
Size:   351
Md5:    0cdbe02e57639fa6968564e26a032a47
Sha1:   b590288bd5f7cb42f94848b23eda8879ab37a739
Sha256: de05ebabd107c79a18d80d60280d7f8c8ea46c61a29b0c36adaf76f40159e485

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/preference-center.css HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 12858
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (38395), with CRLF line terminators
Size:   12858
Md5:    d23169ebe9d20bbd4a619e00bb179e78
Sha1:   6a8e757f459f4c6a9b1dea97d2ee8819647fb08c
Sha256: b3ee64b3a1fe4657119dc849a1ffa3889af041eb0529fae3676185d06e823168
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/tags.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 9508
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (5669)
Size:   9508
Md5:    255f0d6d6f1e0a0f75a09b2877e8e86d
Sha1:   2ea148bdf6da23d7321649ce9790da079d5731de
Sha256: bdd242418039464e1f4177efed125e2e79e040159f1e7e989f36b87501d0036d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/tealeaf.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 34940
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (32003), with CRLF, LF line terminators
Size:   34940
Md5:    d6f712594a98b9a76e6860441f3ab706
Sha1:   ef1e366119bb1c8897039131a1a61524675f489f
Sha256: 91df893a2dc8655cd2bc1a6c30dc6a7f69344018246efee4e3fc453d2c918094

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/uvbuilder.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 3172
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (11379)
Size:   3172
Md5:    12fdc0e1da2ffb9380460b02ec629555
Sha1:   dab92c8d8c7d846ee159b30992317efa48588e2d
Sha256: f69422fa94d63ba91d3e8cc568715db203f3541afe0ace1d0f568c87ba35d460

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/52260000.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 118
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  core file (Xenix)\012- , ASCII text
Size:   118
Md5:    8c4e3a70f133a38fa6bd5e6c86ebab03
Sha1:   ef2b21d945dc0899e134155b3c3f25a069aa2eb2
Sha256: 5442f5ba1ef9467c8cbffca444e379d796dc36fc6e2fdd239404d8950fbc459a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/dispatcher-v3.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 1057
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (2299)
Size:   1057
Md5:    bec23e1d60340f102bc57e4c443c2117
Sha1:   c7f3212dbd97117a80b25855b7cebd0e18323507
Sha256: e2d82c2ca504510b18e57da720e89f1452ad012c9ae2bca0aa55d796e6d03dbd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/yahoo-min.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 3005
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (6013)
Size:   3005
Md5:    a5b2c161a424aeaf067d6246176d64ee
Sha1:   7293cb47259c7065ac91d48096c2a227bc812cbc
Sha256: 36c712dcb454d4b23a4e63d24a6adc9e503f0cf9a8faf3c4a94457fdd25d102f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/cp-v3.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 12
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   12
Md5:    bc6573647ae421e4cd14dcdf34c877ce
Sha1:   a567ddefcd1cfc1bbbaf5323bdadba5795c95478
Sha256: 7fd90f2ec178b50f6924b27d80085370abdb66f52947d3a63d7f8e7a8f56512b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/smartserve-3335.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65239)
Size:   225611
Md5:    ba1b5b9a6d7dfde06c402687a57ea7ca
Sha1:   103d3573b06ea41077f774ff84efdcd5f12e1688
Sha256: 586eb2b4a1dd8a414551723e17f93ebe15b5cea7bf6019c322a675d307230e1b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/json-min.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 2204
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (4764)
Size:   2204
Md5:    73caddd8ca193f8bbe1008199439f379
Sha1:   bb864f4af973871e416dc2cc2da18bba495f4606
Sha256: 204207a80c315adee6290dfbf2e00e7b96c153621b9d5cc2a732f1859f451705

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/fbevents.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 25402
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (28773)
Size:   25402
Md5:    84d71b7f8d81d2b5720bb4acdfe1210a
Sha1:   5b9be1ab80ef97d4845db44a7e49a970783daed4
Sha256: dff53a604a595b5a32b29b9c66195deaa662e1569ab73013e2c2279aa93310f9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/boxever-min.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 8106
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (555)
Size:   8106
Md5:    969068a67f0b6fe7679b097de6d87618
Sha1:   5453ca5a2838ea990a604f7eec31156de8d1afcd
Sha256: 7eb2e8fb9e21eec4383b1c667dc75a4d9da3b5a12ca503e2ba82a6d34e9f0fef

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/analytics.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 17834
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (1490)
Size:   17834
Md5:    080ec59c6a4ae9a7c608b5378c1525be
Sha1:   f81d4cbe0d779234aee88dbddbd0bf838a286adf
Sha256: 043cfa976d441ef52e4f316649c6a2a57eb8b9d75e518cce1706d3b5d6e10c64

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3564
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:37 GMT
Last-Modified: Tue, 20 Sep 2022 10:40:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /gtm.js?id=GTM-NVKM49 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/

                                         
                                         142.250.74.72
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://www.googletagmanager.com/gtm.js?id=GTM-NVKM49
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 20 Sep 2022 11:39:37 GMT
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   250
Md5:    60355524907f74c4bfa9bb144a159cfe
Sha1:   37400e30e8f3cbf7892ea1bce8840ae06671455c
Sha256: bbf23e211505ae51b70ce5d450bcbbdfce6204f74d4e5b8e6ae976700c374fa6
                                        
                                            GET /system/shared/css/images/flags.svg HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
content-encoding: br
etag: "bfd25af97518d71:0"
last-modified: Sun, 28 Aug 2022 10:46:45 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-length: 55394
cache-control: public, max-age=178346
date: Tue, 20 Sep 2022 11:39:37 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   55394
Md5:    25929f814a9fe445dc4bbebafbb3c538
Sha1:   09e48069c623f2bdc1e793b973d81ceb1dbd4394
Sha256: 762bbc0770e4d8910d76acca800501a50bb7a35f5b7b4d7f2ac70585ae704e23
                                        
                                            GET /shared/fonts/emirates/emirates-bold.woff2 HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
etag: "cae68f40d0af09f13f342c4a566a4a7f:1527755987"
last-modified: Thu, 31 May 2018 08:39:47 GMT
server: AkamaiNetStorage
content-length: 72048
date: Tue, 20 Sep 2022 11:39:37 GMT
cache-control: public, max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 72048, version 1.-5899\012- data
Size:   72048
Md5:    cae68f40d0af09f13f342c4a566a4a7f
Sha1:   c4da9e33167be264184112a8d1ce1c7241ee794d
Sha256: 69e1dd4be80beaf33ef8979e6211c5b5ff8ecea7d8f68c7f01637c97c7e41c21
                                        
                                            GET /shared/fonts/emirates/emirates-medium.woff2 HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
etag: "82011c27c0bff714ca8f09ff9c16dcb3:1527755999"
last-modified: Thu, 31 May 2018 08:39:59 GMT
server: AkamaiNetStorage
content-length: 72576
date: Tue, 20 Sep 2022 11:39:37 GMT
cache-control: public, max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 72576, version 1.-5899\012- data
Size:   72576
Md5:    82011c27c0bff714ca8f09ff9c16dcb3
Sha1:   dc70699635410f7d503de260b88406a98e568cc5
Sha256: 9d3db58bc71d36080aadcafb0895ad490ba31e93f8640ec134e398b5bc6d3458
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/a HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 708
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (2044), with CRLF line terminators
Size:   708
Md5:    833739d0c535d2d2c7b9cce330db85ba
Sha1:   01ee7658421110a220341354a844157935262c1d
Sha256: 9a598df4431884bd81c57709a9e5201f6c50af7dd6a57035e5c61d5b00e283df

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /shared/fonts/ek-icons/ek-font-icons.woff HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: application/font-woff
                                        
accept-ranges: bytes
etag: "dda2003260b4caa0b6ca28ba7f83fec5:1493200273"
last-modified: Wed, 26 Apr 2017 09:51:13 GMT
server: AkamaiNetStorage
content-length: 36016
date: Tue, 20 Sep 2022 11:39:37 GMT
cache-control: public, max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 36016, version 1.0\012- data
Size:   36016
Md5:    dda2003260b4caa0b6ca28ba7f83fec5
Sha1:   dfd6019642ef5f5f99c723fc04928cd2b1956524
Sha256: 29785f207fa97d323919a7035b99d88b319eee28eae50b3857252c38183f7023
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16293
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 11:39:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16293
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 11:39:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16293
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 11:39:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16293
Expires: Tue, 20 Sep 2022 16:11:10 GMT
Date: Tue, 20 Sep 2022 11:39:37 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a0fa4b1-080d-4839-8ea7-fbbab1c035fd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5034
x-amzn-requestid: 0d0edd79-6413-4c9a-969b-485bca9cb69a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-HsmIAMFlNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-37990cee6b3098bc264f079f;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: IpClsvlXH4AVObixqZ0MMUaJ4WleIdMlKkJNcvc6rQteujjvmuugKA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 21:55:49 GMT
age: 49428
etag: "b28b2d9687a6ea546f88e6397345bb3a73283f61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5034
Md5:    64211ecf2e40709b76075ad1c1754e33
Sha1:   b28b2d9687a6ea546f88e6397345bb3a73283f61
Sha256: f6c264e2520ee31fae2ca0ea4c7a910d2c061239de98523c4d6a74efa317357a
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/preference-center.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 4573
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (16237), with CRLF line terminators
Size:   4573
Md5:    a20eeeeb57e67a5902c7ad94f53c6b60
Sha1:   5deef053bf7a3f82ce26de6d0614e52ec058f767
Sha256: 03836471ce53361cb0b712d3a5cd7304571f38f0c7048d4065c4940144b92da6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7358
x-amzn-requestid: 88cc5413-2f66-4dc6-b20d-57dd16e77e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugqUHZIoAMFd3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e175-7357c2251f4434bc4686f9ed;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tqQuwCb5au2yf-m5wbZyUdOh7VEnYzxCk19p2IlH0vHCFx9Lkhu6lw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:00:04 GMT
age: 49173
etag: "4188174bf6e595335f784d2bf9c90db57294b2fc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7358
Md5:    49ffb7cd4c40b37f5b61c1fd86ee36ec
Sha1:   4188174bf6e595335f784d2bf9c90db57294b2fc
Sha256: 5af29dbb676f5a38288e73e9ca4feada901ccfb06385110ca0a46a4970532d32
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 02:46:17 GMT
age: 32000
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10894
Md5:    d3e70b2859ca89b353682d03f6b46b93
Sha1:   ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
Sha256: 43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 48752
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11832
Md5:    2ed7323b395e757f7766ea0045efdaca
Sha1:   8b91bc3069a3217bc719c27959d578b353b5d9dc
Sha256: 8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y3urrVdjZEds_DKf3yL2XfaOy-5UPBwU-YVWe5eKYsDpl3JPmqffsw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:23:30 GMT
age: 47767
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9543
Md5:    30fbdfee7ec4513a5ff3dfcb7282f816
Sha1:   a852edb64a7220532aa619ab2a440c3a7e11b97a
Sha256: 4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe
                                        
                                            GET /shared/fonts/emirates/emirates-bold.woff HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: application/font-woff
                                        
accept-ranges: bytes
etag: "a480d8f386bd2aaeb7089aaa6de8bc31:1527755987"
last-modified: Thu, 31 May 2018 08:39:47 GMT
server: AkamaiNetStorage
content-length: 103456
date: Tue, 20 Sep 2022 11:39:37 GMT
cache-control: public, max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 103456, version 0.0\012- data
Size:   103456
Md5:    a480d8f386bd2aaeb7089aaa6de8bc31
Sha1:   4420aedcab9ebb461dbad80b5ccf24e216ec9633
Sha256: d6d9758ef474eaa268be9742e810589b00838ef513d27c6134f7507bad43ef88
                                        
                                            GET /shared/fonts/emirates/emirates-medium.woff HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: application/font-woff
                                        
accept-ranges: bytes
etag: "40bab6c98e581bd41a21b97b95fe1e92:1527755987"
last-modified: Thu, 31 May 2018 08:39:47 GMT
server: AkamaiNetStorage
content-length: 103420
date: Tue, 20 Sep 2022 11:39:37 GMT
cache-control: public, max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 103420, version 0.0\012- data
Size:   103420
Md5:    40bab6c98e581bd41a21b97b95fe1e92
Sha1:   0baa2259ae9d09a757d30d82d37c96004233f15f
Sha256: 5a20938d0a85fb4d4a46e079f10d3c31ed76f3a79795831febf0dc1638ab0def
                                        
                                            GET /shared/fonts/ek-icons/ek-font-icons.ttf HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: font/ttf
                                        
accept-ranges: bytes
etag: "6214acfb60bbdcef8516adbc1a02118b:1493200273"
last-modified: Wed, 26 Apr 2017 09:51:13 GMT
server: AkamaiNetStorage
content-length: 63512
date: Tue, 20 Sep 2022 11:39:37 GMT
cache-control: public, max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 13 tables, 1st "OS/2", 16 names, Macintosh, Copyright 2016 Adobe Systems Incorporated. All rights reserved.ekRegular1.000;PfEd;ek-font-icons\012- data
Size:   63512
Md5:    6214acfb60bbdcef8516adbc1a02118b
Sha1:   08a58a6df31dfafec9a9d749d9e50849240e2b24
Sha256: 47a9b27c8c63006bf144b687932ec23e5b6d2ab3f5afc0434cb0d8046fb44a26
                                        
                                            GET /system/shared/Images/globalnavigation/icons/external_link.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/global-navigation-v3.css
Cookie: _qst_s=1; _qsst_s=1663673976054

                                         
                                         157.7.107.140
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 19268
Connection: keep-alive
Server: Apache
Last-Modified: Tue, 25 Jan 2022 06:58:09 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315)
Size:   19268
Md5:    445d3af6844c2f665d720d259eae018b
Sha1:   a620414ae1b949396fd3f9ccefa11cca910c4eef
Sha256: cdaf289919b2096b4c936a3e249bba227791b88ae4417467fa54585c799394b4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/global-navigation-v3.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:36 GMT
Content-Length: 45385
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32037), with CRLF, LF line terminators
Size:   45385
Md5:    4b7299a033bcc731e344936088bd6f4d
Sha1:   346cb08a46264799edd0f04fb39490ee8e0da6d0
Sha256: 17bade57290cef934af108c5a793a602b60e202b6cff2b85d53a65e3288a3ad3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:37 GMT
Last-Modified: Tue, 20 Sep 2022 10:24:04 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: af6PAJNHX7cYcoi10pLb0UE62quM6fIQtCUFKhqvapSmIypY_BWqgg==
Age: 4533

                                        
                                            GET /v1.2/browser/create.json?client_key=ekb7q5q7htudvxjat3zmeuv2qjus0z6w&message=%7B%7D&callback=jsonp58485437629064 HTTP/1.1 
Host: api.boxever.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.254.2.123
HTTP/1.1 401 Unauthorized
content-type: application/json
                                        
date: Tue, 20 Sep 2022 11:39:37 GMT
x-robots-tag: noindex
Content-Length: 193
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   193
Md5:    f428d76e325e4e7048532df6e131673e
Sha1:   8c71dc73ee958680296d4fc06cd3d62a7824ff24
Sha256: 725a139eff8f1a0802f52914ec80a639bf5a4756ba888f8c4d954f2435668006
                                        
                                            GET /shared/fonts/emirates/emirates-bold.ttf HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: font/ttf
                                        
accept-ranges: bytes
etag: "a6ed6fbb9c13c0b0af1ba17fdaf9a9d1:1527755988"
last-modified: Thu, 31 May 2018 08:39:48 GMT
server: AkamaiNetStorage
content-length: 249496
date: Tue, 20 Sep 2022 11:39:37 GMT
cache-control: public, max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 28 names, Macintosh, Copyright (c) Emirates, 2003 - 2016.EmiratesBold1.910;Emirates-BoldEmirates BoldVersion 1.910Emi\012- data
Size:   249496
Md5:    a6ed6fbb9c13c0b0af1ba17fdaf9a9d1
Sha1:   1e2993c2f5e393c766fc38034aa609ff183890e6
Sha256: e63514b72f6aa5247a7dddcf476834e1ac213b211cfe040c3d1e3c9ed1f1379a
                                        
                                            GET /shared/fonts/emirates/emirates-medium.ttf HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: font/ttf
                                        
accept-ranges: bytes
etag: "42361e0ce8dcced0798dc9b31c8033c4:1527755988"
last-modified: Thu, 31 May 2018 08:39:48 GMT
server: AkamaiNetStorage
content-length: 248940
date: Tue, 20 Sep 2022 11:39:37 GMT
cache-control: public, max-age=604800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 28 names, Macintosh, Copyright (c) Emirates, 2003 - 2016.EmiratesMedium1.910;Emirates-MediumEmirates MediumVersion 1.\012- data
Size:   248940
Md5:    42361e0ce8dcced0798dc9b31c8033c4
Sha1:   d47896bfc7b88ba7b3e9013e5f2fd40d5489848b
Sha256: 480369e2a7a789158124bc5b93ce5a219103260f59e15b5c029d048d6445f097
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/responsive-footer.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 46186
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (18622), with CRLF, LF line terminators
Size:   46186
Md5:    326d4e7a1263fc70efb1d0c226db1176
Sha1:   ce813e34457a731af95cb586cadfaf47106083cf
Sha256: 764fb177fd0dd798e225bca8cb320f4fbf8146aad369009997a161ba1cde6e8e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /gtm.js?id=GTM-NVKM49 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://macst.cc/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 11:39:37 GMT
expires: Tue, 20 Sep 2022 11:39:37 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 107995
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65324)
Size:   107995
Md5:    5d5366b485bbba06c4148f70b76d3e7b
Sha1:   7c0746a91598ae95e39d56fda0b77e7b7422b5dd
Sha256: 70384e16de981701ff438b594c80c40694aeb3d3ac1788166daa836b7cf19c68
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/eol-components.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 36534
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (12651), with CRLF, LF line terminators
Size:   36534
Md5:    c29e4881fcd38946b49081eeb1695316
Sha1:   62f54e87e51bced7671e182962fc10e6ccdff56f
Sha256: cb8bbd325c7e6b41a34a84fe4bd907cf37ecd47cc253c1aca062e03dcd606764

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/iconography.woff HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/platinum-stretch.css
Cookie: _qst_s=1; _qsst_s=1663673976054

                                         
                                         157.7.107.140
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 19268
Connection: keep-alive
Server: Apache
Last-Modified: Tue, 25 Jan 2022 06:58:09 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315)
Size:   19268
Md5:    445d3af6844c2f665d720d259eae018b
Sha1:   a620414ae1b949396fd3f9ccefa11cca910c4eef
Sha256: cdaf289919b2096b4c936a3e249bba227791b88ae4417467fa54585c799394b4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/cf07252bc21619f2665ade3d0c6e96 HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 19268
Connection: keep-alive
Server: Apache
Last-Modified: Tue, 25 Jan 2022 06:58:09 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315)
Size:   19268
Md5:    445d3af6844c2f665d720d259eae018b
Sha1:   a620414ae1b949396fd3f9ccefa11cca910c4eef
Sha256: cdaf289919b2096b4c936a3e249bba227791b88ae4417467fa54585c799394b4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /downloads/ek/icons/fonts/iconography.woff HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: application/font-woff
                                        
accept-ranges: bytes
etag: "c1be60cd52efa4c71e556f11de10d82d:1513234538"
last-modified: Thu, 14 Dec 2017 06:55:38 GMT
server: AkamaiNetStorage
content-length: 80048
date: Tue, 20 Sep 2022 11:39:37 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, CFF, length 80048, version 1.0\012- data
Size:   80048
Md5:    c1be60cd52efa4c71e556f11de10d82d
Sha1:   233da46f4d999dcec9d7e45a3c3bb7092902dfb6
Sha256: f0f1b77f3209d0ca046bea09fd2678f97a4209da270d1424f882614ce3cea3ac
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/adrum-4.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 20241
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (646)
Size:   20241
Md5:    7eaa762b70ea5a9b37ffa7a69b9693df
Sha1:   c150b0d9c45ec96fe924d74bee2a40bbe9edd4e3
Sha256: c23296dba6b68287e31f4fd3f840c5b759233f41a3d2dbf90abecb73beb665a7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /downloads/ek/icons/fonts/iconography.ttf HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: font/ttf
                                        
accept-ranges: bytes
etag: "239480ff57a54b6a50464b70e4754d66:1513234538"
last-modified: Thu, 14 Dec 2017 06:55:38 GMT
server: AkamaiNetStorage
content-length: 111748
date: Tue, 20 Sep 2022 11:39:37 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 13 tables, 1st "FFTM", 12 names, Macintosh, type 1 string\012- data
Size:   111748
Md5:    239480ff57a54b6a50464b70e4754d66
Sha1:   124a87b6641e8e4eb2e04b017eacda6c9e48e80e
Sha256: 6e0d938bcd2e5b57c5deb7b699c05786dd10573b53999eba5df940a4f68f90f8
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/eluminate.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 43675
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65268), with CRLF line terminators
Size:   43675
Md5:    51514b33aace13ff0e3623c9690a0892
Sha1:   c53f8a95f59f38a077c1c78f53f4f7d39ff4c08c
Sha256: 8b1ea64e82a96101881ded1f033cd453e37d4b35f10fd31eddb7c45002fe5d0d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/ld.js HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 9089
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (30338), with no line terminators
Size:   9089
Md5:    02e7bf38d192eb7d6fdd9d90e627acc6
Sha1:   ec4900b0b97a4ff12ac86548e7419d8e0daab01d
Sha256: 1239f4163d486affc7b9886a74bef9af598498348d0b4c857619716e10182a47

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /downloads/ek/icons/fonts/iconography.ttf HTTP/1.1 
Host: cdn.ek.aero
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=107676-
If-Range: "239480ff57a54b6a50464b70e4754d66:1513234538"
TE: trailers

                                         
                                         104.110.0.243
HTTP/2 206 Partial Content
content-type: font/ttf
                                        
accept-ranges: bytes
etag: "239480ff57a54b6a50464b70e4754d66:1513234538"
last-modified: Thu, 14 Dec 2017 06:55:38 GMT
server: AkamaiNetStorage
date: Tue, 20 Sep 2022 11:39:37 GMT
content-range: bytes 107676-111747/111748
content-length: 4072
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4072
Md5:    f3f660c8cf25f5ee05c090b94aa0f093
Sha1:   118eb2f821d99dcb490bc2246fc973079376414c
Sha256: b6f7620460261e4ba5f7dd48f7998b0b4c437983700bd98ac7d048d53aa60911
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/Inline_Logo_global_tcm233-4096794.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 2070
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   2070
Md5:    06f083c7c7112e528e4d690a4dad92ac
Sha1:   b393f84f7e770a518b8d3f479ff90fb57bcfdff9
Sha256: a5bf2fd7005dcbd3fbfe889735b53f679657b150c55cab3b605ad9a26ef20e4c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1.2/boxever-min.js?client_key=ekb7q5q7htudvxjat3zmeuv2qjus0z6w HTTP/1.1 
Host: api.boxever.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.254.2.123
HTTP/1.1 401 Unauthorized
content-type: text/plain; charset=utf-8
                                        
cache-control: no-cache
x-robots-tag: noindex
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/facebook.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 573
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   573
Md5:    1eb3f3470cedf13312432e9a04ac88c1
Sha1:   a6df7331db89c5648806d9290c0d81c3bd6b8a03
Sha256: 026160728588df0cdeea6861b7ee64b9a9676cd17217404cf10dedffde644df8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/twitter.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 884
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   884
Md5:    a25ee01a7539412952042024a185c4ec
Sha1:   afa8809a33e095fe3620d24c973d29f43bdb8873
Sha256: b64b6ec0640a39df2854dc252f278295759c8ec1feeaea9255d9317022b79402

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/youtube.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 720
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   720
Md5:    d1ae7e44eb89646e7469c5f7795e9f3f
Sha1:   9617b8d8fb13da36d15ab792e5982f5201f735d6
Sha256: 53b3f114675207adc5b8dd09348f21307edfbb51fd198f87f74dd20a35b924ae

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6348
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 09:53:50 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/linkedin.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 669
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   669
Md5:    4181512f68adc949d8ee576bc6f8a3e7
Sha1:   7d591bc9eed848a57e7d6d364d39e7a37988e90e
Sha256: 9e3c0e528d4ef8643aa086ea62d9098dd38ea8038d1f9170df3e7413104a30b1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/instagram.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 1509
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   1509
Md5:    bb9841719a26b4ee71ed3293f29ebb10
Sha1:   27e4b3b21caf4cd0caa23b5affc3ce15ac7eab92
Sha256: 670281f76677cca08b38f0e6bf33ba5cfa7dec6d61904caa20e6099f96a75487

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/Apex_Badge_EN_tcm233-5456919.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 4787
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   4787
Md5:    5b4c26ad84145ad10f708816c4728f69
Sha1:   cb4e75205194040fb0c631491817d59092b8a24e
Sha256: 87bae0d13fd9bdd53b2e0fedae81160ac2b9ff55bce167687c2051c673f8751d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/tripadvisor-badge_tcm233-4231455.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 8047
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   8047
Md5:    d86188adb3e3ef2198709067087176ee
Sha1:   b14f31acd818b752d3696b0bd46d56580245334c
Sha256: 9ce29f24cef1b70644139e825cd2d2488bf0e96840c182175286e287c3526979

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5952
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 10:00:26 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 314

                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/skytrax_badge_2019_tcm233-4231454.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Content-Length: 7361
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (985)
Size:   7361
Md5:    1b560346f100a9f987dae8c380b9a777
Sha1:   01b34709633bd812581de9ab9500405722e55915
Sha256: 906af30488dedb4bf44a5d60485a6be6db14d4e3daa516630ef26d2319b40606

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.146
HTTP/2 200 OK
                                        
date: Tue, 20 Sep 2022 11:39:37 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=pnMXFl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRHR05NU0JyUURuVlRxNXBkNWNqJTJGSTdSblF6RDNLeVY2VGJSMXE3RDB0QQ; expires=Sun, 15 Oct 2023 11:39:38 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 286491
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4406
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 10:26:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/Apple_EN_tcm233-4143604.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Content-Length: 4647
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   4647
Md5:    e3b52d4e2ff30361422e637ff90599e5
Sha1:   73b98bb880bf9bfb5918ee9f1ca275907dda1cd1
Sha256: 5b6833b867ba36a2e9e902a130d791e3d5343dc50bb1e9c77a404af65c5107bc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4406
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 10:26:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/emirates-logo-badge_tcm233-4139304.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Content-Length: 1513
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3539), with no line terminators
Size:   1513
Md5:    e7ab2b9a5f4ced04740f2caa735a5e61
Sha1:   6b819f5194de7a2a16c2ed7e1211eb07ffcf0671
Sha256: e69ba6d6ba3e305dfb021533c56f3535bc069ecc4210d112d8851817e7f937f4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/emirates-logo-badge_tcm233-4139303.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Content-Length: 1513
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3539), with no line terminators
Size:   1513
Md5:    e7ab2b9a5f4ced04740f2caa735a5e61
Sha1:   6b819f5194de7a2a16c2ed7e1211eb07ffcf0671
Sha256: e69ba6d6ba3e305dfb021533c56f3535bc069ecc4210d112d8851817e7f937f4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/Google_EN_tcm233-4143606.svg HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html

                                         
                                         157.7.107.140
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Content-Length: 3523
Connection: keep-alive
Server: Apache
Last-Modified: Wed, 06 Nov 2019 17:22:46 GMT
Accept-Ranges: none
Vary: Range,Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   3523
Md5:    0ab13026eb1e57d453e515161065dc47
Sha1:   515d40d28e7498f5a97d44352823a5e4af9eff99
Sha256: 47bedbe11b80b799f175bac0e4c55ffe2af6ca15166ae17e7191da9c81276b63

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /newidsd HTTP/1.1 
Host: ag.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         185.235.84.114
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 20 Sep 2022 11:39:37 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 108692
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3343
Md5:    8543bd9810b2951a8d2c17278dd8152e
Sha1:   a399d6dbca340d823dd2b0db888c3e6517b4c21d
Sha256: 9943b85b519cf4b6b7f7fb59641da0bff0e742896fbf5d2ae9e3f011fbeecde8
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.110.0.243
HTTP/2 200 OK
content-type: image/x-icon
                                        
content-length: 8380
last-modified: Sun, 14 Mar 2021 02:01:40 GMT
accept-ranges: bytes
etag: "5eed8cf97518d71:0"
server: Microsoft-IIS/10.0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=604800
date: Tue, 20 Sep 2022 11:39:38 GMT
x-ek-edgecache: true
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 32x32, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size:   8380
Md5:    557da9e1bd991e23ad225bd74c0d11c3
Sha1:   9dbc8d290989f0dc86b483f316788c08f4fd47ca
Sha256: 985829e36de39448697d796f80d4ce99eb492f16f7afb2ce84a5a3d171105213
                                        
                                            GET /emirates/uvbuilder/uvbuilder.latest.min.js HTTP/1.1 
Host: d1m54pdnjzjnhe.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/

                                         
                                         143.204.42.201
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 3172
Connection: keep-alive
Date: Mon, 19 Sep 2022 13:46:06 GMT
Last-Modified: Wed, 12 Apr 2017 15:58:42 GMT
ETag: "12fdc0e1da2ffb9380460b02ec629555"
Content-Encoding: gzip
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Pl1JSO5cx31y8-9omriqEQ_AReqc4bYJlDAz3iIX77VXBXy-a-g9lQ==
Age: 78813


--- Additional Info ---
Magic:  ASCII text, with very long lines (11379)
Size:   3172
Md5:    12fdc0e1da2ffb9380460b02ec629555
Sha1:   dab92c8d8c7d846ee159b30992317efa48588e2d
Sha256: f69422fa94d63ba91d3e8cc568715db203f3541afe0ace1d0f568c87ba35d460
                                        
                                            GET /adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js HTTP/1.1 
Host: cdn.appdynamics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/

                                         
                                         143.204.55.129
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.16.1
Last-Modified: Mon, 14 May 2018 17:55:05 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
timing-allow-origin: *
Content-Encoding: gzip
Date: Mon, 22 Aug 2022 06:39:26 GMT
Cache-Control: public, max-age=2678400, s-max-age=14400
ETag: W/"5af9cd79-c81b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SBXyHQbCF8O5BLkdKce-NSl3xak_T4JspJds1127SKyMoPOUMl0lZg==
Age: 2523612


--- Additional Info ---
Magic:  ASCII text, with very long lines (563)
Size:   19474
Md5:    308d623529f926fea898b8ff10b7fffb
Sha1:   9012e2d607412d91477e7fc9f119478497c12756
Sha256: 085c219edce91818fa1f48899cb8389ae020850bda9d3fe680e4b163dc90f570
                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/

                                         
                                         13.107.21.200
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: private,max-age=1800
Content-Length: 11367
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 17:32:37 GMT
Accept-Ranges: bytes
ETag: "80a8697a8a2d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=3E6F28F285E968790FA13AD7841C693A; domain=.bing.com; expires=Sun, 15-Oct-2023 11:39:38 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 2605B4DC2D264955A203CA9302051E3A Ref B: OSL30EDGE0521 Ref C: 2022-09-20T11:39:38Z
Date: Tue, 20 Sep 2022 11:39:37 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size:   11367
Md5:    293ae3e0fc8b0d5c143fdf9d8490228d
Sha1:   3976c659b908e70818a3a1ac71860b497fe2d1a9
Sha256: 04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2921
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 10:50:57 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5262
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 10:11:57 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5725
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 10:04:13 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet HTTP/1.1 
Host: creativecdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.184.8.90
HTTP/2 302 Found
                                        
date: Tue, 20 Sep 2022 11:39:38 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-max-age: 3600
vary: Origin
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=w48M96HYrSDt40ULnxur;Path=/;Domain=.creativecdn.com;Expires=Wed, 20-Sep-2023 11:39:38 GMT;Max-Age=31536000;Secure;SameSite=None ts=1663673978;Path=/;Domain=.creativecdn.com;Expires=Wed, 20-Sep-2023 11:39:38 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet&tc=1
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5262
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 10:11:57 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tags?id=pr_9gxVkOMUoh87gMDR0mZb&ncm=1&id=pr_9gxVkOMUoh87gMDR0mZb_custom_market_&id=pr_9gxVkOMUoh87gMDR0mZb_custom_lang_NotSet&tc=1 HTTP/1.1 
Host: creativecdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://macst.cc/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.184.8.90
HTTP/2 204 No Content
                                        
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5410
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 10:09:28 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /action/0?ti=5711176&Ver=2&mid=7e8852e8-17c9-48e2-b474-1566915e2e98&sid=e8a8a48038d811ed8b365f1b5b6a4c0a&vid=e8a8d00038d811ed8b326dd7c379f433&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Subscription%20confirmation%20%7C%20Emirates%20special%20offers%20%7C%20Book%20a%20flight%20%7C%20Emirates&p=http%3A%2F%2Fmacst.cc%2Fue%2Fretailresearch.emirates.claim.gift-cards%2FSubscribe.html&r=&lt=3899&evt=pageLoad&sv=1&rn=112866 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=01EC7F402E7C643B00066D652F896535; domain=.bing.com; expires=Sun, 15-Oct-2023 11:39:38 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 588186B19CB049FC87B6A46654124FBE Ref B: OSL30EDGE0220 Ref C: 2022-09-20T11:39:38Z
date: Tue, 20 Sep 2022 11:39:38 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /p/action/5711176.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: private,max-age=60
content-length: 666
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=205B0341FA6A6E500C821164FB9F6F44; domain=.bing.com; expires=Sun, 15-Oct-2023 11:39:38 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1BB2A1EF57BF4574A2D6D3723492EB8E Ref B: OSL30EDGE0220 Ref C: 2022-09-20T11:39:38Z
date: Tue, 20 Sep 2022 11:39:38 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   666
Md5:    dcaf27cad31faf135a0bdad92937fd65
Sha1:   a12934ab7d20d4de784b1e8900964e61174b62b3
Sha256: 69026f869ad02a8cbf2c9ae6283675a0cd73f984f88dfbad4c16dd6bdca1bbcf
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5659
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 10:05:19 GMT
Server: ECS (amb/6BB3)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 940
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 11:23:58 GMT
Server: ECS (amb/6BAB)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3848
Cache-Control: 'max-age=158059'
Date: Tue, 20 Sep 2022 11:39:38 GMT
Last-Modified: Tue, 20 Sep 2022 10:35:30 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /fp/clear.png?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f&ck=0&m=2 HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /newidsd HTTP/1.1 
Host: gem.gbc.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         178.250.6.69
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 20 Sep 2022 11:39:37 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 123568
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

                                        
                                            GET /eumcollector/error.gif?version=1&appKey=EC-AAB-BFE&msg=M126&stack=b.prototype.uj%40http%3A%2F%2Fcdn.appdynamics.com%2Fadrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js%3A48%3A104%0Ab%2F%3C%40http%3A%2F%2Fcdn.appdynamics.com%2Fadrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js%3A48%3A25%0Ae%40http%3A%2F%2Fmacst.cc%2Fue%2Fretailresearch.emirates.claim.gift-cards%2FSubscribe_fichiers%2Fadrum-4.js%3A7%3A107%0A HTTP/1.1 
Host: fra-col.eum-appdynamics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         52.59.18.140
HTTP/1.1 200 OK
content-type: image/gif
                                        
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
date: Tue, 20 Sep 2022 11:39:38 GMT
expires: 0
pragma: no-cache
server: envoy
vary: *
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
Content-Length: 26
Connection: keep-alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   26
Md5:    6a43099d5c8fe991a7aa7ebaca53069d
Sha1:   5bce2f0d57305c58c7b05bfce29ebb39a18f5570
Sha256: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
                                        
                                            GET /fp/check.js;CIS3SID=0F003C7D51B3EC9FCECC633F19B68098?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
tmx-nonce: 73f79de26c1d6a2f
Set-Cookie: thx_guid=0568052228996eaa2981c73472a425e2; Max-Age=155520000; Version=1; HttpOnly; Path=/; Secure;
P3P: CP=IVAa PSAa
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with very long lines (6177)
Size:   54210
Md5:    c04f27d3a541e1dea28c9355160efdf8
Sha1:   12ba19c2d0a05d86ae0a8533ba3d14d831b8f974
Sha256: 0130c0b679a5e657e1d5952fbfb5185b5858f671a0c4abe18ea8dac3bf8f861c
                                        
                                            GET /fp/clear.png?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f&jb=313e266e71633f65696366343e6b663132666b34316264313b603564633767663a363936373b30 HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 204 No Content
Content-Type: text/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive

                                        
                                            GET /fp/ls_fp.html;CIS3SID=98C7BAA8E1BE21DBA3ECB7432A745C32?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Size:   14246
Md5:    4dd65a1dda9bd8c1657d238a61ae559b
Sha1:   34d59fa99699bef43794a52ae996d92d9b1a18b9
Sha256: cd759baf85eebec03f2a10cc0f8bc1743196eda54289853b22ab4313b9eab6b3
                                        
                                            GET /fp/es.js?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f&cb=td_1o HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   130
Md5:    dce7d3576fe4ed64d59769705faf831a
Sha1:   0d1d19851578feccc6ccd358130e068bb0dfb1fa
Sha256: 5122b24dc3b1b39fcdd95ab2ede808fed688bf77bc5c2fd4d3cdeaf7131ca319
                                        
                                            GET /tag/uet/5711176 HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.212.67.252
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: no-cache, no-store
content-length: 1636
expires: -1
set-cookie: CLID=108d297e1c744d5e8e697156405e3a7f.20220920.20230920; expires=Wed, 20 Sep 2023 11:39:38 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0eqYpYwAAAACUbzVa5gcrRLRfG28gU2H7Q1BIMzBFREdFMDQxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 20 Sep 2022 11:39:38 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1636), with no line terminators
Size:   1636
Md5:    45a893d64b0ade0b24cbeaee21362b4b
Sha1:   4f014fe9e43be8df71fccdee10431c1b8823d53f
Sha256: 98ae8eb87b74719bdea47a5e59e163570ab92e2a71357d213e6ba803786ad779
                                        
                                            GET /fp/clear.png?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f&jd=373d262468646c3d3f266a666035386633603c376138653e323467353160643567353a6163396635603a3a336d65266a6e7c6e3f32383e323a37 HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 204 No Content
Content-Type: text/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive

                                        
                                            GET /fp/clear.png HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, dm9utgtm/73f79de26c1d6a2f38acfcf5-e108-4ffb-ae0d-6b210632729e
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 20 Sep 2022 11:39:38 GMT
Expires: Sun, 19 Sep 2027 11:39:38 GMT
Etag: 33bdc1e149b04e45aafad776b2fbbe8f
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: http://macst.cc
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /fp/top_fp.html;CIS3SID=98C7BAA8E1BE21DBA3ECB7432A745C32?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Size:   13566
Md5:    e382d6e2cf787facfd87f6ad77bcf810
Sha1:   d4a2a50166182f293dd12dbf9d3ebf180ded65f0
Sha256: 225b09f2ab80d6aadbb2ccf510175c085ddb3538bbab630865c7aaef9be29c7f
                                        
                                            GET /fp/clear.png?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f&ja=343b342424613f302e7a3d302e6e3d33303a38783130323c2463643d31303a327a333830302e737a7b3f3278382664707a35312e333030302c31303a362e333238322e3332323a2c333a38322e3b31392431323838243132303624302c30267b61663f3234246e6a3f6a7c74722d3343273044253a466d616b7b742c61612d324675652d3044706574636b6e70677b65637a636a2c676f697a6174657b26636e636b652e6769667c2f6163726471273044517d62716b726b60672c687c6d6c266c7a3d246a6a35303266386d6336303438663166673a3865373c353a33313b346b6537306d3d39246871673d4c696e7d7a246873623f446b70676e6f7a2d32323b34246a7b6f753d44616e777a24627362753d4e6b7067666f7a246c6a613531342e7478663f57544b266d617c60723f303a31366238386b3235676261366664633a6a613a69363b333b66366b6361323839633734673938326130693b663b346163363632663b34363e623764363b302e703d70647d676b6c5d6e6c6173682d374764616c716723726e7d676b665f756b6c666f7f735f6d6d6c69635d7264617965722d374764616c716723726e7d676b665f63666d606557616372676a617627374d66616c736d23726e75676b6c5d73776163697c696f672737456e616c736d29706e7765616e5f73686761697561766727374764696c716d21726e776569665f72656964706e637b6d722535456e636e716521726e77656b665f7464635d726e63796d7225354d6e616e716729706c7567616c5d666576636e7470273d4564696c716723726c7d67696e577b76655d7461657765722d374764616c716723726e7d676b665f68637463253d456661647b652461616c3d31343730323a&jb=3b3d266e733f4f6f72696c6c692d3244372c38253230285033332733422730324e6b66757a2d32327a3a345f3e3425334a2d323270742d3341393626322b273230456761696d2d32443a303332323330392532304e617267646d70253246393e2c32 HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 204 204
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 20 Sep 2022 11:39:38 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive

                                        
                                            GET /fp/clear.png?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f&jf=313e266e71603f333f6563633a3165323434303466613569666163323535633664613b37333f36 HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tags.emirates.com/fp/ls_fp.html;CIS3SID=98C7BAA8E1BE21DBA3ECB7432A745C32?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         185.32.241.65
HTTP/1.1 204 No Content
Content-Type: text/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:39 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive

                                        
                                            GET /fp/es.js?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f&cb=td_1o&fr HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tags.emirates.com/fp/ls_fp.html;CIS3SID=98C7BAA8E1BE21DBA3ECB7432A745C32?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         185.32.241.65
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Date: Tue, 20 Sep 2022 11:39:39 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   130
Md5:    9be43a94cbfaf607f893eca5b5c2e62c
Sha1:   d6f61d2d2ec4624047d480af203feae1b1b8318f
Sha256: 6bcc13cd0253b50c8bfa47dd3c8a83704fa80e4caa1a817cacbcc017a4973b46
                                        
                                            POST / HTTP/1.1 
Host: ocsp.securetrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.79.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 638
Date: Tue, 20 Sep 2022 11:39:39 GMT
Connection: keep-alive

                                        
                                            GET /fp/clear.png?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f&di=yes HTTP/1.1 
Host: dm9utgtmys7csgpspljyucnduve5p7ngn2tcroba73f79de26c1d6a2fam1.e.aa.online-metrix.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         91.235.134.131
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 20 Sep 2022 11:39:39 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81


--- Additional Info ---
Magic:  PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size:   81
Md5:    1b6d2de2867a3e11063ba25aa1cd4209
Sha1:   bd20b0e089f31f35cba4d0fa7277e73aa74d944c
Sha256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
                                        
                                            GET /c.gif HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.234.93.27
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=77E27B97CD3841328B311186084E7B24&RedC=c.clarity.ms&MXFR=23F941BB792B68C23592539E7D2B6672
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure; MUID=23F941BB792B68C23592539E7D2B6672; domain=.clarity.ms; expires=Sun, 15-Oct-2023 11:39:39 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 20 Sep 2022 11:39:38 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /eus2/s/0.6.40/clarity.js HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.212.67.252
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
cache-control: public,max-age=86400
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8c7baa5622330"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0eqYpYwAAAADXcad1x8sJRajCIY+btK4lQ1BIMzBFREdFMDQxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 20 Sep 2022 11:39:38 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (54745)
Size:   23442
Md5:    6a87d835543a151541da0ae963173dd7
Sha1:   80bac2abc74d2fa93a63ff82514fd64ee8caf9a0
Sha256: c806647a143cb92f41ed1e60c6be245cd4e78b447c90adbed881ca54ecfa7337
                                        
                                            GET /c.gif?CtsSyncId=77E27B97CD3841328B311186084E7B24&MUID=2D59A6848682684329FBB4A187776974 HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://macst.cc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         20.234.93.27
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Tue, 20-Sep-2022 11:49:39 GMT; path=/; SameSite=None; Secure;
date: Tue, 20 Sep 2022 11:39:38 GMT
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    32023bb33cfb2a1990a4ef2d85b6ac16
Sha1:   23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
Sha256: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
                                        
                                            GET /fp/clear.png?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f&jac=1&je=333a312424726f3d666f26617d6c683f66643d34623534383a3237356366376760343839616b6566616337363f3236656b3d313234613e383536323061673b64303b353b34343b3136383231336666322e657833356c66343a676e37623037303a63643462353b64603a6e62676a656731643761696363643b31363632 HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 204 No Content
Content-Type: text/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:39 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive

                                        
                                            POST /eumcollector/beacons/browser/v1/EC-AAB-BFE/adrum HTTP/1.1 
Host: fra-col.eum-appdynamics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: text/plain
Content-Length: 14707
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/

                                         
                                         52.59.18.140
HTTP/1.1 200 OK
content-type: text/html
                                        
access-control-allow-headers: origin, content-type, accept
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
date: Tue, 20 Sep 2022 11:39:39 GMT
expires: 0
pragma: no-cache
server: envoy
vary: *
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
Content-Length: 0
Connection: keep-alive

                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1330
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         20.75.32.255
HTTP/2 204 No Content
                                        
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://macst.cc
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Tue, 20 Sep 2022 11:39:39 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 120447
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         20.75.32.255
HTTP/2 204 No Content
                                        
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://macst.cc
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Tue, 20 Sep 2022 11:39:39 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /fp/clear.png?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f&jac=1&je=303d2624756b6f3d7f6562727c6b5f6b6c766d726e616c576f666c73 HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.32.241.65
HTTP/1.1 204 No Content
Content-Type: text/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:43 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 49031
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11145
Md5:    c283017ec789693602177a2785177e21
Sha1:   ff8286c4d2cf87a1865d56d082bc5235dba60ad7
Sha256: 520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab
                                        
                                            POST /TealeafTarget.aspx HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-Type: application/json
X-Tealeaf: device (UIC) Lib/5.1.0.1731
X-TealeafType: GUI
X-TeaLeaf-Page-Url: /ue/retailresearch.emirates.claim.gift-cards/Subscribe.html
X-Tealeaf-MessageTypes: 1,2,7
ADRUM: isAjax:true
Content-Length: 1912
Origin: http://macst.cc
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe.html
Cookie: _qst_s=1; _qsst_s=1663673976054; cto_lwid=82fee146-038d-41aa-88ee-d8ed59d292a3; _uetsid=e8a8a48038d811ed8b365f1b5b6a4c0a; _uetvid=e8a8d00038d811ed8b326dd7c379f433; cto_bundle=b-SPZ19oUVVMRURoUnNkM3J1Vjl3TnVqQ2tLN1c4SkVQWDIyR0t4YTdVczUxcjlHekZMaVc1MHclMkJSdE9BRUh4Yk5VSGowJTJCTTFLZGNHJTJGU1BGZlozTGNiRXN6eFJNemFhVXI4NmF2T3pVMXY0TlhiSXBsdEZQeCUyQkZYUEZiV3o3emNnYUl5; _clck=q3k1lj|1|f51|0; _clsk=zhmtfp|1663673979726|1|1|b.clarity.ms/collect

                                         
                                         157.7.107.140
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Tue, 20 Sep 2022 11:39:43 GMT
Content-Length: 19268
Connection: keep-alive
Server: Apache
Last-Modified: Tue, 25 Jan 2022 06:58:09 GMT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315)
Size:   19268
Md5:    445d3af6844c2f665d720d259eae018b
Sha1:   a620414ae1b949396fd3f9ccefa11cca910c4eef
Sha256: cdaf289919b2096b4c936a3e249bba227791b88ae4417467fa54585c799394b4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /fp/clear.png?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f HTTP/1.1 
Host: tags.emirates.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7
Origin: https://tags.emirates.com
Connection: keep-alive
Referer: https://tags.emirates.com/fp/top_fp.html;CIS3SID=98C7BAA8E1BE21DBA3ECB7432A745C32?org_id=dm9utgtm&session_id=38acfcf5-e108-4ffb-ae0d-6b210632729e&nonce=73f79de26c1d6a2f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         185.32.241.65
HTTP/1.1 204 No Content
Content-Type: text/javascript
                                        
Date: Tue, 20 Sep 2022 11:39:44 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Access-Control-Allow-Origin: https://tags.emirates.com

                                        
                                            GET /adrum-xd.f1b9622831c5f758b69f8c4fafbe9659.html HTTP/1.1 
Host: cdn.appdynamics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.129
HTTP/2 200 OK
content-type: text/html
                                        
date: Wed, 24 Aug 2022 00:43:04 GMT
server: nginx/1.16.1
last-modified: Mon, 14 May 2018 17:55:19 GMT
etag: W/"5af9cd87-7e2"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HrP8TbTKZaa22RuWT0MaUR3GSNgbKpwR1O93wjtjymTavfyQrR2zsA==
age: 2372194
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /syncframe?topUrl=macst.cc HTTP/1.1 
Host: gum.criteo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://macst.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Tue, 20 Sep 2022 11:39:37 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d97ad84e-2982-4f9a-a540-2373a46c1792; expires=Sun, 15 Oct 2023 11:39:37 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 581729
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /system/css/images/preference_center/desktop_Skywards-Card-Blue.png HTTP/1.1 
Host: macst.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://macst.cc/ue/retailresearch.emirates.claim.gift-cards/Subscribe_fichiers/preference-center.css
Cookie: _qst_s=1; _qsst_s=1663673976054

                                         
                                         157.7.107.140
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Tue, 20 Sep 2022 11:39:37 GMT
Content-Length: 19268
Connection: keep-alive
Server: Apache
Last-Modified: Tue, 25 Jan 2022 06:58:09 GMT
Accept-Ranges: bytes


--- Additional Info ---
                                        
                                            GET /dna HTTP/1.1 
Host: dnacdn.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=pnMXFl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRHR05NU0JyUURuVlRxNXBkNWNqJTJGSTdSblF6RDNLeVY2VGJSMXE3RDB0QQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         178.250.2.146
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 20 Sep 2022 11:39:37 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=Hl2ldV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRHR05NU0JyUURuVlRxNXBkNWNqJTJGSXhPS040NmVqc1hJOXl5QWN1JTJGQjlk; expires=Sun, 15 Oct 2023 11:39:38 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 370304
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---