Overview

URL link.connectoffer.com/1ad4eae4-1202-4200-9614-77d7df867850
IP 52.58.197.167
ASN Unknown
Location United States
Report completed 2017-01-11 13:13:03 CET
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level public


Intrusion Detection Systems

Snort /w Sourcefire VRT No alerts detected
Suricata /w Emerging Threats Pro No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com
Added / Verified Severity Host Comment
2017-01-11 2 www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wM Phishing
2017-01-11 2 www.totalsuperboffer.com/INTL/rewardzone/countries.js Phishing
2017-01-11 2 www.totalsuperboffer.com/INTL/rewardzone/detect_device.js Phishing
2017-01-11 2 www.totalsuperboffer.com/INTL/rewardzone/mobile-detect.min.js Phishing
2017-01-11 2 www.totalsuperboffer.com/INTL/rewardzone/jquery.min.js Phishing
2017-01-11 2 www.totalsuperboffer.com/INTL/rewardzone/main.js Phishing
2017-01-11 2 www.totalsuperboffer.com/INTL/rewardzone/INTL.ico Phishing
MDL / malwaredomainlist.com No alerts detected
DNS-BH / malwaredomains.com No alerts detected
mnemonic secure DNS / mnemonic.no No alerts detected
OpenPhish / openphish.com No alerts detected
PhishTank / phishtank.com No alerts detected
Spamhaus DBL / spamhaus.org No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 52.58.197.167

Date UQ / IDS / BL URL IP
2017-01-18 07:41:46 0 - 0 - 1 www.gelane.site/f7288450-ceb9-49d5-9ec1-321aafd2f2c2?pubid=2108 52.58.197.167
2017-01-18 06:49:58 0 - 0 - 2 a.googleplaysetvices.com/11212746-6688-469c-9141-f01a32655135?PREFIJO=2108 52.58.197.167
2017-01-18 06:39:44 0 - 0 - 1 a.googleplaysetvices.com/11212746-6688-469c-9141-f01a32655135?PREFIJO=2108 52.58.197.167
2017-01-18 06:19:39 0 - 0 - 3 a.googleplaysetvices.com/11212746-6688-469c-9141-f01a32655135?PREFIJO=2108 52.58.197.167
2017-01-17 21:15:35 0 - 0 - 0 deal.com-2016.net/84a30738-6180-4fa4-8b2c-2a803869d7b1?CITY=Fpo&STATE=AE&COUN (...) 52.58.197.167
2017-01-17 20:03:27 0 - 0 - 1 www.avantjc.com/b6fbf377-40a7-4286-a7cf-0954d51d67d9?bannerID={banner.id} 52.58.197.167

Last 6 reports on ASN: Unknown

Date UQ / IDS / BL URL IP
2017-02-25 15:05:21 0 - 0 - 0 www.infoblox.com/ 161.47.10.70
2017-02-25 15:05:00 0 - 0 - 0 webmaildeliverynow.com/ibm_23168/img-rahman.afzal@example.com-2739.gif 34.194.166.155
2017-02-25 15:04:26 0 - 0 - 0 webmaildeliverynow.com/ibm_23168/?wpcode=2739&amp 34.194.166.155
2017-02-25 15:04:14 0 - 0 - 0 me.startpagina.nl/forum/topic/2543677/espnbayern-munich-vs-hamburg-sv-live-stream-en-vivo/ 52.51.130.84
2017-02-25 15:03:48 0 - 0 - 0 jodisillu.tumblr.com/post/157688367919/live-streaming-new-orleans-pelicans-dallas 66.6.32.21
2017-02-25 15:03:20 0 - 0 - 0 marufranamd68.hatenablog.com/entry/2017/02/25/230148 52.197.171.58

Last 6 reports on domain: link.connectoffer.com

Date UQ / IDS / BL URL IP
2017-02-22 00:29:01 0 - 0 - 6 link.connectoffer.com/abb457d3-c926-4ee6-8967-e4926d3e74f3?ZoneID=679898 52.28.228.158
2017-02-16 03:37:56 0 - 0 - 6 link.connectoffer.com/c15831b9-0dcf-4ad2-bce9-2120b76f1866?zoneid={zoneid} 52.28.228.158
2017-02-09 04:01:02 0 - 0 - 6 link.connectoffer.com/1ad4eae4-1202-4200-9614-77d7df867850?zoneid={zoneid} 52.58.225.210
2017-02-09 01:50:54 0 - 0 - 6 link.connectoffer.com/a58400de-3cfa-450f-acec-99c48c47d404?subid={subid} 52.58.225.210
2017-02-08 17:40:57 0 - 0 - 6 link.connectoffer.com/ca28eb73-26ed-40e9-8af7-dd630f247494?zoneid={zoneid} 52.58.225.210
2017-02-01 15:10:03 0 - 0 - 6 link.connectoffer.com/78bf209f-32c6-4427-b6af-a825bff43e22?zoneid={zoneid} 52.28.228.158



JavaScript

Executed Scripts (8)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 15, repeated: 2)

Januar 11, 2017

#2 JavaScript::Write (size: 16, repeated: 1)

Windows computer


HTTP Transactions (12)


Request Response
GET /1ad4eae4-1202-4200-9614-77d7df867850 HTTP/1.1

Host: link.connectoffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 52.58.197.167
HTTP/1.1 302 Found
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Date: Wed, 11 Jan 2017 12:12:21 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
Pragma: no-cache
Server: nginx
Set-Cookie: 1ad4eae4-1202-4200-9614-77d7df867850-v4=1ad4eae4-1202-4200-9614-77d7df867850; Domain=link.connectoffer.com; Path=/; HttpOnly voluum-track-url-v4=https%3A%2F%2Fwww.totalsuperboffer.com%2FINTL%2Frewardzone%2F%3Fvoluumdata%3DBASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg; Domain=link.connectoffer.com; Expires=Thu, 12-Jan-2017 12:12:21 GMT; Path=/; HttpOnly
Content-Length: 0
Connection: keep-alive
POST /gsdomainvalsha2g2 HTTP/1.1

Host: ocsp2.globalsign.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request
 104.16.27.216
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2017 12:12:22 GMT
Content-Length: 1558
Connection: keep-alive
Set-Cookie: __cfduid=d64100185c8a2b432062698332b2a96a71484136742; expires=Thu, 11-Jan-18 12:12:22 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Wed, 11 Jan 2017 12:12:22 GMT
Expires: Sun, 15 Jan 2017 12:12:22 GMT
Etag: "faf0638d7c3a11a7bd9db025141652fd1a31777c"
Cache-Control: public, no-transform, must-revalidate
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 31f846d0352b428b-OSL
GET /INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 11 Jan 2017 12:12:22 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Wed, 27 Jul 2016 09:01:32 GMT
Etag: "15e356-f54-5389a43825fd0"
Accept-Ranges: bytes
Content-Length: 3924
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/style.css HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 10:00:03 GMT
Etag: "15e35f-557-52fa5cae10c68"
Accept-Ranges: bytes
Content-Length: 1367
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/countries.js HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 09:59:57 GMT
Etag: "15e354-2703-52fa5ca852128"
Accept-Ranges: bytes
Content-Length: 9987
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/detect_device.js HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 09:59:57 GMT
Etag: "15e355-2ef-52fa5ca83c198"
Accept-Ranges: bytes
Content-Length: 751
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/INTL.png HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 09:59:58 GMT
Etag: "15e358-109b-52fa5ca9c00a0"
Accept-Ranges: bytes
Content-Length: 4251
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
GET /INTL/rewardzone/mobile-detect.min.js HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 10:00:02 GMT
Etag: "15e35e-8ed9-52fa5cada7100"
Accept-Ranges: bytes
Content-Length: 36569
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/bootstrap.min.css HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 11 Jan 2017 12:12:22 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 09:59:56 GMT
Etag: "15e352-1d9ac-52fa5ca790b68"
Accept-Ranges: bytes
Content-Length: 121260
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
GET /INTL/rewardzone/jquery.min.js HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 10:00:00 GMT
Etag: "15e35a-17c52-52fa5cab437d8"
Accept-Ranges: bytes
Content-Length: 97362
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
GET /INTL/rewardzone/main.js HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.totalsuperboffer.com/INTL/rewardzone/?voluumdata=BASE64dmlkLi4wMDAwMDAwMS1jM2Q2LTRjMjktODAwMC0wMDAwMDAwMDAwMDBfX3ZwaWQuLjdhNDllMDAwLWQ3ZjUtMTFlNi04NTNlLTBhOGI3YWM5MTNkYl9fY2FpZC4uMWFkNGVhZTQtMTIwMi00MjAwLTk2MTQtNzdkN2RmODY3ODUwX19ydC4uREpfX2xpZC4uNjljOTNkMDItNzRlZS00ZDc2LTkzMTQtNmE5NDk1ZTNkYTcxX19vaWQxLi45NmYxYWEzZi0xNTQwLTRiMmYtYTg3Mi03M2U4NGJiMTE5MjBfX3JkLi5fX2FpZC4uX19hYi4uX19zaWQuLg
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 10:00:02 GMT
Etag: "15e35d-1754e-52fa5cad61f88"
Accept-Ranges: bytes
Content-Length: 95566
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
GET /INTL/rewardzone/INTL.ico HTTP/1.1

Host: www.totalsuperboffer.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 67.227.199.179
HTTP/1.1 200 OK
Content-Type: image/x-icon
Date: Wed, 11 Jan 2017 12:12:23 GMT
Server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 mod_fcgid/2.3.9
Last-Modified: Mon, 04 Apr 2016 09:59:58 GMT
Etag: "15e357-109b-52fa5ca929e48"
Accept-Ranges: bytes
Content-Length: 4251
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive