Overview

URL: link.connectoffer.com/1ad4eae4-1202-4200-9614-77d7df867850
IP: 52.58.197.167
ASN: Unknown
Location: United States
Report completed: 2017-01-11 13:13:03 CET
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level: public


Intrusion Detection Systems

Snort /w Sourcefire VRT: No alerts detected
Suricata /w Emerging Threats Pro: No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com
Added / Verified | Severity | Host | Comment
2017-01-11 | 2 | www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wM | Phishing
2017-01-11 | 2 | www.totalsuperboffer.com/INTL/rewardzone/countries.js | Phishing
2017-01-11 | 2 | www.totalsuperboffer.com/INTL/rewardzone/detect_device.js | Phishing
2017-01-11 | 2 | www.totalsuperboffer.com/INTL/rewardzone/mobile-detect.min.js | Phishing
2017-01-11 | 2 | www.totalsuperboffer.com/INTL/rewardzone/jquery.min.js | Phishing
2017-01-11 | 2 | www.totalsuperboffer.com/INTL/rewardzone/main.js | Phishing
2017-01-11 | 2 | www.totalsuperboffer.com/INTL/rewardzone/INTL.ico | Phishing
MDL / malwaredomainlist.com: No alerts detected
DNS-BH / malwaredomains.com: No alerts detected
mnemonic secure DNS / mnemonic.no: No alerts detected
OpenPhish / openphish.com: No alerts detected
PhishTank / phishtank.com: No alerts detected
Spamhaus DBL / spamhaus.org: No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 52.58.197.167

Date | UQ / IDS / BL | URL | IP
2017-01-17 21:15:35 | 0 - 0 - 0 | deal.com-2016.net/84a30738-6180-4fa4-8b2c-2a803869d7b1?CITY=Fpo&STATE=AE&COUN (...) | 52.58.197.167
2017-01-17 20:03:27 | 0 - 0 - 1 | www.avantjc.com/b6fbf377-40a7-4286-a7cf-0954d51d67d9?bannerID={banner.id} | 52.58.197.167
2017-01-17 19:46:51 | 0 - 0 - 1 | u7tbs.voluumtrk.com/e9f78d88-be99-42ce-ae67-463d54ba2e5b?query={query} | 52.58.197.167
2017-01-17 18:40:39 | 0 - 0 - 1 | www.gelane.site/f7288450-ceb9-49d5-9ec1-321aafd2f2c2?pubid=2108 | 52.58.197.167
2017-01-17 12:12:04 | 0 - 0 - 6 | link.connectoffer.com/f587f0dc-efdc-4354-8196-adb377c75b89?ZoneID=617658 | 52.58.197.167
2017-01-17 03:59:46 | 0 - 0 - 2 | a.googleplaysetvices.com/11212746-6688-469c-9141-f01a32655135?PREFIJO=2108 | 52.58.197.167

Last 6 reports on ASN: Unknown

Date | UQ / IDS / BL | URL | IP
2017-01-18 04:57:58 | 0 - 0 - 12 | www.focus-kamin-design.de/sites/default/files/webform/indiana-novyy-orlean-match-l883987618-01- (...) | 91.134.112.192
2017-01-18 04:54:01 | 0 - 0 - 12 | www.focus-kamin-design.de/sites/default/files/webform/dzheymi-forlis-svetlana-kuznecova-smotret (...) | 91.134.112.192
2017-01-18 04:54:00 | 0 - 0 - 12 | www.focus-kamin-design.de/sites/default/files/webform/anzhelika-kerber-karina-vittyoft-smotreti (...) | 91.134.112.192
2017-01-18 04:50:17 | 0 - 0 - 1 | yyy.zz.am/IL1.exe | 52.196.132.126
2017-01-18 04:49:02 | 0 - 0 - 12 | www.focus-kamin-design.de/sites/default/files/webform/chuan-chiaczyun-betani-mattek-sends-smotr (...) | 91.134.112.192
2017-01-18 04:48:18 | 0 - 0 - 2 | enozelyemektarifleri.com/nasil-yapilir/ekmek-tarifleri/ | 185.136.205.130

Last 6 reports on domain: link.connectoffer.com

Date | UQ / IDS / BL | URL | IP
2017-01-17 12:12:04 | 0 - 0 - 6 | link.connectoffer.com/f587f0dc-efdc-4354-8196-adb377c75b89?ZoneID=617658 | 52.58.197.167
2017-01-11 00:41:31 | 0 - 0 - 6 | link.connectoffer.com/eec694a2-71df-4eb6-9d7a-b7acff4100d3?zoneid={zoneid} | 52.58.197.167
2017-01-10 23:58:02 | 0 - 0 - 6 | link.connectoffer.com/76ac8f93-9bcf-445c-a95f-3a9f1d0cf1dd?ZoneID=653899 | 52.58.197.167
2017-01-09 10:00:03 | 0 - 0 - 6 | link.connectoffer.com/75940152-1f0a-4943-8d8c-30990d5356f6?ZoneID=657559 | 52.28.228.158
2017-01-08 20:49:02 | 0 - 0 - 6 | link.connectoffer.com/80b5c71c-5335-4668-92aa-e6081876692b?ZoneID=512818 | 52.28.228.158
2017-01-08 06:18:36 | 0 - 0 - 6 | link.connectoffer.com/fe7508d5-4d96-4270-a76f-9adc779029f8?ZoneID=632219 | 52.28.228.158



JavaScript

Executed Scripts (8)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 15, repeated: 2)

Januar 11, 2017

#2 JavaScript::Write (size: 16, repeated: 1)

Windows computer


HTTP Transactions (12)


Request Response
GET /1ad4eae4-1202-4200-9614-77d7df867850 HTTP/1.1

Host: link.connectoffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 52.58.197.167
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Date: Wed, 11 Jan 2017 12:12:21 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
Pragma: no-cache
Server: nginx
Set-Cookie: 1ad4eae4-1202-4200-9614-77d7df867850-v4=1ad4eae4-1202-4200-9614-77d7df867850; Domain=link.connectoffer.com; Path=/; HttpOnly voluum-track-url-v4=https%3A%2F%2Fwww.totalsuperboffer.com%2FINTL%2Frewardzone%2F%3Fvoluumdata%3DBASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg; Domain=link.connectoffer.com; Expires=Thu, 12-Jan-2017 12:12:21 GMT; Path=/; HttpOnly
Content-Length: 0
Connection: keep-alive
POST /gsdomainvalsha2g2 HTTP/1.1

Host: ocsp2.globalsign.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request
 104.16.27.216
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2017 12:12:22 GMT
Content-Length: 1558
Connection: keep-alive
Set-Cookie: __cfduid=d64100185c8a2b432062698332b2a96a71484136742; expires=Thu, 11-Jan-18 12:12:22 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Wed, 11 Jan 2017 12:12:22 GMT
Expires: Sun, 15 Jan 2017 12:12:22 GMT
Etag: "faf0638d7c3a11a7bd9db025141652fd1a31777c"
Cache-Control: public, no-transform, must-revalidate
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 31f846d0352b428b-OSL
GET /INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 11 Jan 2017 12:12:22 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Wed, 27 Jul 2016 09:01:32 GMT
Etag: "15e356-f54-5389a43825fd0"
Accept-Ranges: bytes
Content-Length: 3924
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/style.css HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 10:00:03 GMT
Etag: "15e35f-557-52fa5cae10c68"
Accept-Ranges: bytes
Content-Length: 1367
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/countries.js HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 09:59:57 GMT
Etag: "15e354-2703-52fa5ca852128"
Accept-Ranges: bytes
Content-Length: 9987
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/detect_device.js HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 09:59:57 GMT
Etag: "15e355-2ef-52fa5ca83c198"
Accept-Ranges: bytes
Content-Length: 751
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/INTL.png HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 09:59:58 GMT
Etag: "15e358-109b-52fa5ca9c00a0"
Accept-Ranges: bytes
Content-Length: 4251
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
GET /INTL/rewardzone/mobile-detect.min.js HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 10:00:02 GMT
Etag: "15e35e-8ed9-52fa5cada7100"
Accept-Ranges: bytes
Content-Length: 36569
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/bootstrap.min.css HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 11 Jan 2017 12:12:22 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 09:59:56 GMT
Etag: "15e352-1d9ac-52fa5ca790b68"
Accept-Ranges: bytes
Content-Length: 121260
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
GET /INTL/rewardzone/jquery.min.js HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 10:00:00 GMT
Etag: "15e35a-17c52-52fa5cab437d8"
Accept-Ranges: bytes
Content-Length: 97362
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/main.js HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 10:00:02 GMT
Etag: "15e35d-1754e-52fa5cad61f88"
Accept-Ranges: bytes
Content-Length: 95566
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
GET /INTL/rewardzone/INTL.ico HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: image/x-icon
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 09:59:58 GMT
Etag: "15e357-109b-52fa5ca929e48"
Accept-Ranges: bytes
Content-Length: 4251
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive