Overview

URLhttp://oppoconditions.cu.cc/f/notepad.exe?ts=12c17e19
IP97.74.180.128
ASNAS26496 GoDaddy.com, LLC
Location United States
Report completed2012-11-07 23:47:26 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader8.0
Java1.6.0_26


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Source IP Destination IP Severity Alert
2012-11-07 23:46:52 urlQuery Client 97.74.180.1282ET CURRENT_EVENTS HTTP Request to a *.cu.cc domain
2012-11-07 23:47:01 93.184.220.103 urlQuery Client3FILEMAGIC Macromedia Flash data (compressed),
Snort /w Sourcefire VRT No alerts detected


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 97.74.180.128

Date Alerts / IDS URL IP
2013-02-23 08:13:492 / 2http://bxwtlawdpz.proxydns.com/d/404.php?go=197.74.180.128
2013-02-15 00:25:361 / 4http://building-condition-survey.com/index.htm97.74.180.128
2013-02-11 13:46:103 / 3http://www.techshare101.com/index.html97.74.180.128
2013-02-03 05:58:232 / 4http://www.cricket24x7.com/administrator97.74.180.128
2013-01-24 12:33:411 / 1http://xgnghacwvh.dns1.us/97.74.180.128
2013-01-23 10:01:132 / 0http://www.stoneomaha.com/tdbuilders/97.74.180.128

Last 6 reports on ASN: AS26496 GoDaddy.com, LLC

Date Alerts / IDS URL IP
2013-02-26 11:34:501 / 1http://chericampbell.com/184.168.37.1
2013-02-26 11:26:060 / 2http://ask4training.com/.sys/?getexe=hosts2.exe184.168.174.1
2013-02-26 11:26:040 / 2http://ask4training.com/.sys/?getexe=fb.84.exe184.168.174.1
2013-02-26 11:26:040 / 2http://ask4training.com/.sys/?getexe=fbcheck.exe184.168.174.1
2013-02-26 11:24:460 / 6http://crossroads-wfd.org/.sys/?getexe=hosts2.exe208.109.181.78
2013-02-26 11:24:440 / 6http://crossroads-wfd.org/.sys/?getexe=fbcheck.exe208.109.181.78

Last 6 reports on domain: oppoconditions.cu.cc

Date Alerts / IDS URL IP
2012-12-07 09:46:150 / 3http://oppoconditions.cu.cc/97.74.180.128
2012-11-16 10:25:230 / 2http://oppoconditions.cu.cc/f/notepad.exe?ts=fc1349d97.74.180.128
2012-11-16 01:44:430 / 2http://oppoconditions.cu.cc/f/notepad.exe?ts=44c7043497.74.180.128
2012-11-15 04:13:320 / 2http://oppoconditions.cu.cc/f/notepad.exe?ts=ed07dfae97.74.180.128
2012-11-14 17:00:140 / 2http://oppoconditions.cu.cc/97.74.180.128
2012-11-14 06:13:520 / 2http://oppoconditions.cu.cc/f/notepad.exe?ts=3ab106e297.74.180.128



JavaScript

Executed Scripts (15)


Executed Evals (1)

#1 JavaScript::Eval (size: 429, repeated: 2) 

({
    "united kingdom": "County",
    "india": "Territory",
    "taiwan": "County",
    "australia": "Territory",
    "usa": "State",
    "france": "Region",
    "malaysia": "State",
    "mexico": "State",
    "italy": "Region",
    "spain": "Community",
    "philippines": "Province",
    "canada": "Province",
    "austria": "State",
    "switzerland": "Canton",
    "default": "State",
    "germany": "State",
    "united states": "State",
    "south korea": "Province",
    "japan": "Prefecture",
    "portugal": "District",
    "china": "Province"
})

Executed Writes (0)



HTTP Transactions (21)


Request Response 
GET /f/notepad.exe?ts=12c17e19 HTTP/1.1

Host: oppoconditions.cu.cc

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 301 Moved Permanently

Content-Type: text/html; charset=iso-8859-1

Date: Wed, 07 Nov 2012 22:46:52 GMT
Server: Apache
Location: http://passion.com/go/p142055?ts=12c17e19
Content-Length: 319
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
GET /go/p142055?ts=12c17e19 HTTP/1.1

Host: passion.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 302 Found

Content-Type: text/html; charset=iso-8859-1

Date: Wed, 07 Nov 2012 22:46:52 GMT
Server: Apache
Location: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
Set-Cookie: ALPO=74769779; path=/; domain=.passion.com; expires=Thu, 08-Nov-2012 22:46:52 GMT
click_id_time=673599021_2012-11-07 14:46:52; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 246
Keep-Alive: timeout=5, max=122
Connection: Keep-Alive
GET /images/ffadult/partners/1_1334266129.png HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: image/png

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:54 GMT
Etag: "8d561f0-1180-4bdd2542a6b79"
Expires: Fri, 07 Dec 2012 22:46:54 GMT
Last-Modified: Mon, 16 Apr 2012 21:15:59 GMT
Server: ECS (arn/46EA)
Via: 1.1 origin.friendfinderinc.com:3128 (squid/2.7.STABLE9)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128
Content-Length: 4480
GET /images/ffadult/css/header.css HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: text/css

Content-Encoding: gzip
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:54 GMT
Etag: "46b9a91-1c44-4bd95b95f1c0a"
Expires: Fri, 07 Dec 2012 22:46:54 GMT
Last-Modified: Fri, 13 Apr 2012 20:57:44 GMT
Server: ECS (arn/46EE)
Vary: Accept-Encoding
Via: 1.1 origin.friendfinderinc.com:3128 (squid/2.7.STABLE9)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128
Content-Length: 1534
GET /images/passion.com/favicon.ico HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 200 OK

Content-Type: image/x-icon

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:54 GMT
Etag: "d5e01e1-238-3c78a3690b740"
Expires: Fri, 07 Dec 2012 22:46:54 GMT
Last-Modified: Wed, 17 Sep 2003 17:56:05 GMT
Server: ECS (arn/46FB)
Via: 1.1 origin.friendfinderinc.com:3128 (squid/2.7.STABLE9)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128
Content-Length: 568
GET /images/ffadult/landing_pages/20//header_bkg.png HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: image/png

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:55 GMT
Etag: "8c32e51-513-da448880"
Expires: Fri, 07 Dec 2012 22:46:55 GMT
Last-Modified: Thu, 03 Jun 2010 17:51:14 GMT
Server: ECS (arn/4679)
Via: 1.0 origin.friendfinderinc.com:3128 (squid/2.6.STABLE21), 1.0 origin.friendfinderinc.com:3128 (squid/2.7.STABLE9)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128, HIT from origin.friendfinderinc.com:3128
Content-Length: 1299
GET /images/ffadult/landing_pages/20/lp_reg_cell_header_1.gif HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: image/gif

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:55 GMT
Etag: "e3de727-7e-4948ee9587d00"
Expires: Fri, 07 Dec 2012 22:46:55 GMT
Last-Modified: Mon, 08 Nov 2010 18:37:08 GMT
Server: ECS (arn/46F4)
Via: 1.0 origin.friendfinderinc.com:3128 (squid/2.7.STABLE9)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128
Content-Length: 126
GET /images/ffadult/landing_pages/20/lp_reg_cell_header_2.gif HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: image/gif

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:55 GMT
Etag: "e3de728-c0-4948eea0055c0"
Expires: Fri, 07 Dec 2012 22:46:55 GMT
Last-Modified: Mon, 08 Nov 2010 18:37:19 GMT
Server: ECS (arn/46ED)
Via: 1.0 origin.friendfinderinc.com:3128 (squid/2.7.STABLE9)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128
Content-Length: 192
GET /images/ffadult/landing_pages/20/lp_reg_cell_header_3.gif HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: image/gif

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:55 GMT
Etag: "e3de729-c4-4948eeb03bc00"
Expires: Fri, 07 Dec 2012 22:46:55 GMT
Last-Modified: Mon, 08 Nov 2010 18:37:36 GMT
Server: ECS (arn/46E3)
Via: 1.0 origin.friendfinderinc.com:3128 (squid/2.7.STABLE9)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128
Content-Length: 196
GET /go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1 HTTP/1.1

Host: passion.com
GET /go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1 HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: ALPO=74769779; click_id_time=673599021_2012-11-07 14:46:52
 
HTTP/1.1 200 OK

Content-Type: text/html;charset=UTF-8

Date: Wed, 07 Nov 2012 22:46:52 GMT
Server: Apache
Set-Cookie: ffadult_who=r,KZbyFC_M9DUDjcJ_YL8W/4EbRTSPjIRTtP6HCrUSZUtucC9giYz5eMfS/NpFs8N_b0yjF0YgtkP4vgk5jm1dxRUtWfa839/CeCmXQjin4C6inEmLgDh5ZCFpz4jm7OE6BiY0ZIW9Plr1kAyNgQMQqA--; path=/; domain=passion.com
v_hash=_english_1; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:52 GMT
IP_COUNTRY=Norway; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:52 GMT
ffadult_tr=r,0pDVMG3yiFlZeRDlrYocJxIHNyhpk9dZmp_jDBLFhd_CG93JkVb0RiQj9YGhBnpX; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:52 GMT
LOCATION_FROM_IP=country&Norway&area_code&0&longitude&10.7500&country_name&Norway&lat&59.9167&region_name&Oslo&country_code&NO&region&12&state&&city&Oslo&postal_code&&latitude&59.9167&lon&10.7500&dma_code&0&country_code3&NOR; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:52 GMT
HISTORY=20121107-1-Dk; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:52 GMT
AB_TRACKING=oxtu4N79KLzlqlN9hDpDgO; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:52 GMT
ANON_CONFIRM=TRUE; path=/; domain=.passion.com; expires=Thu, 08-Nov-2012 22:46:52 GMT
Etag: TESTBED
P3P: CP="DSP LAW"
X-ApacheServer: ii19-32.friendfinderinc.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16112
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
GET /images/common/js/english_statedropdown_utf8.js HTTP/1.1

Host: passion.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
Cookie: ALPO=74769779; click_id_time=673599021_2012-11-07 14:46:52; ffadult_who=r,KZbyFC_M9DUDjcJ_YL8W/4EbRTSPjIRTtP6HCrUSZUtucC9giYz5eMfS/NpFs8N_b0yjF0YgtkP4vgk5jm1dxRUtWfa839/CeCmXQjin4C6inEmLgDh5ZCFpz4jm7OE6BiY0ZIW9Plr1kAyNgQMQqA--; v_hash=_english_1; IP_COUNTRY=Norway; ffadult_tr=r,0pDVMG3yiFlZeRDlrYocJxIHNyhpk9dZmp_jDBLFhd_CG93JkVb0RiQj9YGhBnpX; LOCATION_FROM_IP=country&Norway&area_code&0&longitude&10.7500&country_name&Norway&lat&59.9167&region_name&Oslo&country_code&NO&region&12&state&&city&Oslo&postal_code&&latitude&59.9167&lon&10.7500&dma_code&0&country_code3&NOR; HISTORY=20121107-1-Dk; AB_TRACKING=oxtu4N79KLzlqlN9hDpDgO; ANON_CONFIRM=TRUE
 
HTTP/1.1 200 OK

Content-Type: application/x-javascript

Date: Wed, 07 Nov 2012 22:46:55 GMT
Server: Apache
Last-Modified: Fri, 09 Dec 2011 17:27:26 GMT
Etag: "2616553-959b-4b3ac19400588"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-ApacheServer: ii54-14.friendfinderinc.com
Content-Length: 9552
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
GET /images/ffadult/landing_pages/20/lp_reg_cell_header_4.gif HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: image/gif

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:55 GMT
Etag: "e3de72a-88-4948eeb8d1040"
Expires: Fri, 07 Dec 2012 22:46:55 GMT
Last-Modified: Mon, 08 Nov 2010 18:37:45 GMT
Server: ECS (arn/46E0)
Via: 1.0 origin.friendfinderinc.com:3128 (squid/2.6.STABLE6)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128
Content-Length: 136
GET /images/ffadult/landing_pages/32181/english/reg_btn.gif HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: image/gif

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:55 GMT
Etag: "d95e694-143f-48642d9824780"
Expires: Fri, 07 Dec 2012 22:46:55 GMT
Last-Modified: Mon, 10 May 2010 19:59:42 GMT
Server: ECS (arn/46ED)
Via: 1.0 origin.friendfinderinc.com:3128 (squid/2.7.STABLE9)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128
Content-Length: 5183
GET /images/ffadult/landing_pages/32181/reg_btn_reflection.gif HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: image/gif

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:55 GMT
Etag: "f2ed8fe-a45-46e1e4d40a8c0"
Expires: Fri, 07 Dec 2012 22:46:55 GMT
Last-Modified: Tue, 07 Jul 2009 14:18:51 GMT
Server: ECS (arn/46E2)
Via: 1.0 origin.friendfinderinc.com:3128 (squid/2.6.STABLE6)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128
Content-Length: 2629
GET /javascript/live_cd/rm_swfobject-1287617202.js HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: text/javascript

Content-Encoding: gzip
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:55 GMT
Expires: Fri, 07 Dec 2012 22:46:55 GMT
Last-Modified: Tue, 16 Oct 2012 08:49:44 GMT
Server: ECS (arn/46EB)
Vary: Accept-Encoding
Via: 1.0 origin.friendfinderinc.com:3128 (squid/2.6.STABLE21), 1.0 origin.friendfinderinc.com:3128 (squid/2.7.STABLE9)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128, HIT from origin.friendfinderinc.com:3128
Content-Length: 3328
GET /ga.js HTTP/1.1

Host: www.google-analytics.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
If-Modified-Since: Wed, 19 Sep 2012 11:51:40 GMT
 
HTTP/1.1 200 OK

Content-Type: text/javascript

Content-Length: 14888
Content-Encoding: gzip
Last-Modified: Mon, 22 Oct 2012 15:51:19 GMT
X-Content-Type-Options: nosniff, nosniff
Date: Wed, 07 Nov 2012 20:35:01 GMT
Expires: Thu, 08 Nov 2012 08:35:01 GMT
Vary: Accept-Encoding
Cache-Control: max-age=43200, public
Age: 7915
Server: GFE/2.0
GET /go/page/city_list.html?dcb=passion.com&who=r,KZbyFC_M9DUDjcJ_YL8W/4EbRTSPjIRTtP6HCrUSZUtucC9giYz5eMfS/NpFs8N_b0yjF0YgtkP4vgk5jm1dxRUtWfa839/CeCmXQjin4C6inEmLgDh5ZCFpz4jm7OE6BiY0ZIW9Plr1kAyNgQMQqA--&ajax=1&no_perf=1&xml=1&use_ajax=1;action=get_city_list;country=Norway;state=0;state_name=state&rid=1352328416172& HTTP/1.1

Host: passion.com
GET /go/page/city_list.html?dcb=passion.com&who=r,KZbyFC_M9DUDjcJ_YL8W/4EbRTSPjIRTtP6HCrUSZUtucC9giYz5eMfS/NpFs8N_b0yjF0YgtkP4vgk5jm1dxRUtWfa839/CeCmXQjin4C6inEmLgDh5ZCFpz4jm7OE6BiY0ZIW9Plr1kAyNgQMQqA--&ajax=1&no_perf=1&xml=1&use_ajax=1;action=get_city_list;country=Norway;state=0;state_name=state&rid=1352328416172& HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
Cookie: ALPO=74769779; click_id_time=673599021_2012-11-07 14:46:52; ffadult_who=r,KZbyFC_M9DUDjcJ_YL8W/4EbRTSPjIRTtP6HCrUSZUtucC9giYz5eMfS/NpFs8N_b0yjF0YgtkP4vgk5jm1dxRUtWfa839/CeCmXQjin4C6inEmLgDh5ZCFpz4jm7OE6BiY0ZIW9Plr1kAyNgQMQqA--; v_hash=_english_1; IP_COUNTRY=Norway; ffadult_tr=r,0pDVMG3yiFlZeRDlrYocJxIHNyhpk9dZmp_jDBLFhd_CG93JkVb0RiQj9YGhBnpX; LOCATION_FROM_IP=country&Norway&area_code&0&longitude&10.7500&country_name&Norway&lat&59.9167&region_name&Oslo&country_code&NO&region&12&state&&city&Oslo&postal_code&&latitude&59.9167&lon&10.7500&dma_code&0&country_code3&NOR; HISTORY=20121107-1-Dk; AB_TRACKING=oxtu4N79KLzlqlN9hDpDgO; ANON_CONFIRM=TRUE
 
HTTP/1.1 200 OK

Content-Type: text/xml

Date: Wed, 07 Nov 2012 22:46:56 GMT
Server: Apache
Set-Cookie: ffadult_who=r,I5jogYWl3MsMCiz46C5EhoEbRTSPjIRTtP6HCrUSZUtucC9giYz5eMfS/NpFs8N_b0yjF0YgtkP4vgk5jm1dxRUtWfa839/CeCmXQjin4C6inEmLgDh5ZCFpz4jm7OE6BiY0ZIW9Plr1kAyNgQMQqA--; path=/; domain=passion.com
v_hash=_english_1; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:56 GMT
IP_COUNTRY=Norway; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:56 GMT
ffadult_tr=r,0pDVMG3yiFlZeRDlrYocJxIHNyhpk9dZmp_jDBLFhd_CG93JkVb0RiQj9YGhBnpX; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:56 GMT
LOCATION_FROM_IP=country&Norway&area_code&0&longitude&10.7500&country_name&Norway&lat&59.9167&region_name&Oslo&country_code&NO&region&12&state&&city&Oslo&postal_code&&latitude&59.9167&lon&10.7500&dma_code&0&country_code3&NOR; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:56 GMT
HISTORY=20121107-2-Dk1; path=/; domain=.passion.com; expires=Fri, 07-Dec-2012 22:46:56 GMT
ANON_CONFIRM=TRUE; path=/; domain=.passion.com; expires=Thu, 08-Nov-2012 22:46:56 GMT
Etag: TESTBED
P3P: CP="DSP LAW"
Vary: Accept-Encoding
Content-Encoding: gzip
X-ApacheServer: ii70-26.friendfinderinc.com
Content-Length: 1923
Keep-Alive: timeout=5, max=113
Connection: Keep-Alive
GET /flash/CookieSetter.swf HTTP/1.1

Host: graphics.pop6.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: application/x-shockwave-flash

Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Wed, 07 Nov 2012 22:46:56 GMT
Etag: "b655ba5-3b0-c836f9c0"
Expires: Fri, 07 Dec 2012 22:46:56 GMT
Last-Modified: Thu, 17 Sep 2009 00:06:07 GMT
Server: ECS (arn/46E3)
Via: 1.0 origin.friendfinderinc.com:3128 (squid/2.6.STABLE21)
X-Cache: HIT
X-Cache-Lookup: HIT from origin.friendfinderinc.com:3128
Content-Length: 944
GET /__utm.gif?utmwv=5.3.7&utms=1&utmn=1197366819&utmhn=passion.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x778&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Registration&utmhid=210823779&utmr=-&utmp=%2FGA%2Fhome_page%2Fregtest&utmac=UA-27412928-4&utmcc=__utma%3D44532005.741357176.1352328417.1352328417.1352328417.1%3B%2B__utmz%3D44532005.1352328417.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=qBC~ HTTP/1.1

Host: www.google-analytics.com
GET /__utm.gif?utmwv=5.3.7&utms=1&utmn=1197366819&utmhn=passion.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x778&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Registration&utmhid=210823779&utmr=-&utmp=%2FGA%2Fhome_page%2Fregtest&utmac=UA-27412928-4&utmcc=__utma%3D44532005.741357176.1352328417.1352328417.1352328417.1%3B%2B__utmz%3D44532005.1352328417.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmu=qBC~ HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Wed, 07 Nov 2012 20:35:20 GMT
Content-Length: 35
X-Content-Type-Options: nosniff
Pragma: no-cache
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Last-Modified: Wed, 21 Jan 2004 19:51:30 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Age: 7896
Server: GFE/2.0
GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1

Host: fpdownload2.macromedia.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 
HTTP/1.1 200 OK

Content-Type: text/xml

Server: Apache
Last-Modified: Wed, 31 Oct 2012 21:22:10 GMT
Etag: "87de33-256-4cd617ed12480"
Accept-Ranges: bytes
Content-Length: 598
Date: Wed, 07 Nov 2012 22:46:57 GMT
Connection: keep-alive
GET /images/common/glean.gif?rand=3254&site=ffadult&session=JW%02g%3CD_LGKj%201352328412%20195.159.140.222%20&pwsid=&pagename=/go/page/landing_page_ffadult_20&pagestate=regtest&referer=&country=Norway&city=&lang=english&level=&gpid=g544907&pid=p142055&event=&pagerendertime=1640&testbed=0 HTTP/1.1

Host: glean.pop6.com
GET /images/common/glean.gif?rand=3254&site=ffadult&session=JW%02g%3CD_LGKj%201352328412%20195.159.140.222%20&pwsid=&pagename=/go/page/landing_page_ffadult_20&pagestate=regtest&referer=&country=Norway&city=&lang=english&level=&gpid=g544907&pid=p142055&event=&pagerendertime=1640&testbed=0 HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://passion.com/go/page/landing_page_ffadult_20?pid=p142055&ip=auto&no_click=1&alpo_redirect=1
 
HTTP/1.1 200 OK

Content-Type: image/gif

Date: Wed, 07 Nov 2012 22:46:58 GMT
Server: Apache/2.2.3 (CentOS) mod_perl/2.0.4 Perl/v5.8.8
Pragma: no-cache
Cache-Control: no-cache
Keep-Alive: timeout=5, max=108
Connection: Keep-Alive
Transfer-Encoding: chunked
Expires: Wed, 07 Nov 2012 22:46:58 GMT