Overview

URLwww.facebookprotect.gq/m3/2038148035.mob
IP156.67.106.186
ASNUnknown
Location Germany
Report completed2017-03-21 02:20:07 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Levelpublic


Intrusion Detection Systems

Snort /w Sourcefire VRT No alerts detected
Suricata /w Emerging Threats Pro No alerts detected


Blacklists

Fortinet's Web Filter / fortiguard.com No alerts detected
MDL / malwaredomainlist.com No alerts detected
DNS-BH / malwaredomains.com No alerts detected
mnemonic secure DNS / mnemonic.no No alerts detected
OpenPhish / openphish.com No alerts detected
PhishTank / phishtank.com No alerts detected
Spamhaus DBL / spamhaus.org No alerts detected


Files Captured



Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 156.67.106.186

Date UQ / IDS / BL URL IP
2017-03-21 15:02:020 - 0 - 0www.facebookprotect.gq/m3/2038148035.mob156.67.106.186
2017-03-16 15:29:010 - 0 - 0www.facebookinotice.gq/f4/5168483416.mob156.67.106.186

Last 6 reports on ASN: Unknown

Date UQ / IDS / BL URL IP
2017-03-24 22:55:400 - 0 - 1www.ecodrain.co.nz/verify188.166.178.47
2017-03-24 22:55:300 - 0 - 1www.apple-find-sms.com/118.184.50.151
2017-03-24 22:55:240 - 0 - 0gel-titan.hatenablog.com/entry/2017/03/21/22554113.112.5.107
2017-03-24 22:54:590 - 0 - 0titangel.hatenablog.com/entry/2017/03/22/02021052.197.171.58
2017-03-24 22:54:470 - 0 - 0kdp.amazon.comhttps:///community/thread.jspa?threadID=44948752.94.224.233
2017-03-24 22:54:370 - 0 - 0titangel.hatenablog.com/entry/2017/03/21/19403713.112.5.107

Last 1 reports on domain: www.facebookprotect.gq

Date UQ / IDS / BL URL IP
2017-03-21 15:02:020 - 0 - 0www.facebookprotect.gq/m3/2038148035.mob156.67.106.186



JavaScript

Executed Scripts (10)


Executed Evals (7)

#1 JavaScript::Eval (size: 380, repeated: 1)

"\u3002\u300C\u300D\u3001\u30FB\u30F2\u30A1\u30A3\u30A5\u30A7\u30A9\u30E3\u30E5\u30E7\u30C3\u30FC\u30A2\u30A4\u30A6\u30A8\u30AA\u30AB\u30AD\u30AF\u30B1\u30B3\u30B5\u30B7\u30B9\u30BB\u30BD\u30BF\u30C1\u30C4\u30C6\u30C8\u30CA\u30CB\u30CC\u30CD\u30CE\u30CF\u30D2\u30D5\u30D8\u30DB\u30DE\u30DF\u30E0\u30E1\u30E2\u30E4\u30E6\u30E8\u30E9\u30EA\u30EB\u30EC\u30ED\u30EF\u30F3\u309B\u309C"

#2 JavaScript::Eval (size: 128, repeated: 1)

"\u30A6\u30AB\u30AD\u30AF\u30B1\u30B3\u30B5\u30B7\u30B9\u30BB\u30BD\u30BF\u30C1\u30C4\u30C6\u30C8\u30CF\u30D2\u30D5\u30D8\u30DB"

#3 JavaScript::Eval (size: 32, repeated: 1)

"\u30CF\u30D2\u30D5\u30D8\u30DB"

#4 JavaScript::Eval (size: 32, repeated: 1)

"\u30D1\u30D4\u30D7\u30DA\u30DD"

#5 JavaScript::Eval (size: 40, repeated: 1)

"\u30D1__\u30D4__\u30D7__\u30DA__\u30DD"

#6 JavaScript::Eval (size: 135, repeated: 1)

"\u30F4__\u30AC\u30AE\u30B0\u30B2\u30B4\u30B6\u30B8\u30BA\u30BC\u30BE\u30C0\u30C2\u30C5\u30C7\u30C9_____\u30D0\u30D3\u30D6\u30D9\u30DC"

#7 JavaScript::Eval (size: 161, repeated: 1)

"\u30F4____\u30AC_\u30AE_\u30B0_\u30B2_\u30B4_\u30B6_\u30B8_\u30BA_\u30BC_\u30BE_\u30C0_\u30C2__\u30C5_\u30C7_\u30C9______\u30D0__\u30D3__\u30D6__\u30D9__\u30DC"

Executed Writes (0)



HTTP Transactions (16)


Request Response
GET /m3/2038148035.mob HTTP/1.1

Host: www.facebookprotect.gq

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 156.67.106.186
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Mar 2017 01:19:17 GMT
Server: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
X-Powered-By: PHP/5.6.30
Location: https://www.google.com/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
POST /ocsp HTTP/1.1

Host: clients1.google.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request
 216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2017 01:19:18 GMT
Expires: Sat, 25 Mar 2017 01:19:18 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
POST / HTTP/1.1

Host: g.symcd.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 102
Content-Type: application/ocsp-request
 23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.10.2
Content-Length: 1377
Content-Transfer-Encoding: binary
Cache-Control: max-age=467825, public, no-transform, must-revalidate
Last-Modified: Sun, 19 Mar 2017 11:14:20 GMT
Expires: Sun, 26 Mar 2017 11:14:20 GMT
Date: Tue, 21 Mar 2017 01:19:18 GMT
Connection: keep-alive
GET / HTTP/1.1

Host: www.google.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 216.58.211.132
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Cache-Control: private
Location: https://www.google.no/?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw
Content-Length: 259
Date: Tue, 21 Mar 2017 01:19:18 GMT
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
POST /ocsp HTTP/1.1

Host: clients1.google.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request
 216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2017 01:19:18 GMT
Expires: Sat, 25 Mar 2017 01:19:18 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
GET /?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw HTTP/1.1

Host: www.google.no
GET /?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
 216.58.211.131
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Mar 2017 01:19:18 GMT
Expires: -1
Cache-Control: private, max-age=0
P3P: CP="This is not a P3P policy! See https://www.google.com/support/accounts/answer/151657?hl=en for more info."
Content-Encoding: gzip
Server: gws
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Set-Cookie: NID=99=U8ZGx4l58KB4dqe_-3VRVJ0XiDl6obPTHAfud83pwYWnxV67E8HNOzhfBq9xeryCgNKJaV47IDBTXARHmGdiy6hGJauxiJbwFRESnT35bDVNUcuWbCK6MJPQW9rJPTlO; expires=Wed, 20-Sep-2017 01:19:18 GMT; path=/; domain=.google.no; HttpOnly
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
Transfer-Encoding: chunked
GET /textinputassistant/tia.png HTTP/1.1

Host: www.google.no

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw
Cookie: NID=99=U8ZGx4l58KB4dqe_-3VRVJ0XiDl6obPTHAfud83pwYWnxV67E8HNOzhfBq9xeryCgNKJaV47IDBTXARHmGdiy6hGJauxiJbwFRESnT35bDVNUcuWbCK6MJPQW9rJPTlO
 216.58.211.131
HTTP/1.1 200 OK
Content-Type: image/png
Date: Wed, 11 Jan 2017 10:51:24 GMT
Expires: Thu, 11 Jan 2018 10:51:24 GMT
Last-Modified: Thu, 08 Dec 2016 15:30:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 258
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 5927274
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
GET /images/branding/googlelogo/1x/googlelogo_white_background_color_272x92dp.png HTTP/1.1

Host: www.google.no

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw
Cookie: NID=99=U8ZGx4l58KB4dqe_-3VRVJ0XiDl6obPTHAfud83pwYWnxV67E8HNOzhfBq9xeryCgNKJaV47IDBTXARHmGdiy6hGJauxiJbwFRESnT35bDVNUcuWbCK6MJPQW9rJPTlO
 216.58.211.131
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 Mar 2017 01:19:19 GMT
Expires: Tue, 21 Mar 2017 01:19:19 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Thu, 08 Dec 2016 01:00:57 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 5482
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
POST /ocsp HTTP/1.1

Host: clients1.google.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request
 216.58.211.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2017 01:19:19 GMT
Expires: Sat, 25 Mar 2017 01:19:19 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
GET /images/nav_logo229.png HTTP/1.1

Host: www.google.no

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw
Cookie: NID=99=U8ZGx4l58KB4dqe_-3VRVJ0XiDl6obPTHAfud83pwYWnxV67E8HNOzhfBq9xeryCgNKJaV47IDBTXARHmGdiy6hGJauxiJbwFRESnT35bDVNUcuWbCK6MJPQW9rJPTlO
 216.58.211.131
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 Mar 2017 01:19:19 GMT
Expires: Tue, 21 Mar 2017 01:19:19 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Fri, 16 Dec 2016 12:30:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 12263
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
GET /xjs/_/js/k=xjs.hp.en_US.kkJn5YHOlLA.O/m=sb_he,d/am=AAE/rt=j/d=1/t=zcms/rs=ACT90oFLSHbtfewcpmg1tOtSqJgr9GHTfg HTTP/1.1

Host: www.google.no

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw
Cookie: NID=99=U8ZGx4l58KB4dqe_-3VRVJ0XiDl6obPTHAfud83pwYWnxV67E8HNOzhfBq9xeryCgNKJaV47IDBTXARHmGdiy6hGJauxiJbwFRESnT35bDVNUcuWbCK6MJPQW9rJPTlO
 216.58.211.131
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 20 Mar 2017 16:39:29 GMT
Expires: Tue, 20 Mar 2018 16:39:29 GMT
Last-Modified: Mon, 20 Mar 2017 16:18:10 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 49185
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 31190
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
GET /gb/images/b_8d5afc09.png HTTP/1.1

Host: ssl.gstatic.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw
 216.58.211.131
HTTP/1.1 200 OK
Content-Type: image/png
Vary: Origin
Date: Thu, 16 Mar 2017 20:12:55 GMT
Expires: Fri, 16 Mar 2018 20:12:55 GMT
Last-Modified: Thu, 21 Apr 2016 03:17:22 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 9760
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 363984
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
GET /images/branding/product/ico/googleg_lodp.ico HTTP/1.1

Host: www.google.no

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: NID=99=U8ZGx4l58KB4dqe_-3VRVJ0XiDl6obPTHAfud83pwYWnxV67E8HNOzhfBq9xeryCgNKJaV47IDBTXARHmGdiy6hGJauxiJbwFRESnT35bDVNUcuWbCK6MJPQW9rJPTlO
 216.58.211.131
HTTP/1.1 200 OK
Content-Type: image/x-icon
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 21 Mar 2017 01:19:19 GMT
Expires: Tue, 21 Mar 2017 01:19:19 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Thu, 08 Dec 2016 01:00:57 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
Transfer-Encoding: chunked
GET /client_204?&atyp=i&biw=1176&bih=754&ei=ln_QWPn6LsmmsAGb3oqoCg HTTP/1.1

Host: www.google.no
GET /client_204?&atyp=i&biw=1176&bih=754&ei=ln_QWPn6LsmmsAGb3oqoCg HTTP/1.1

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw
Cookie: NID=99=U8ZGx4l58KB4dqe_-3VRVJ0XiDl6obPTHAfud83pwYWnxV67E8HNOzhfBq9xeryCgNKJaV47IDBTXARHmGdiy6hGJauxiJbwFRESnT35bDVNUcuWbCK6MJPQW9rJPTlO
 216.58.211.131
HTTP/1.1 204 No Content
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Mar 2017 01:19:19 GMT
Server: gws
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
GET /generate_204 HTTP/1.1

Host: clients1.google.no

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw
Cookie: NID=99=U8ZGx4l58KB4dqe_-3VRVJ0XiDl6obPTHAfud83pwYWnxV67E8HNOzhfBq9xeryCgNKJaV47IDBTXARHmGdiy6hGJauxiJbwFRESnT35bDVNUcuWbCK6MJPQW9rJPTlO
 216.58.211.131
HTTP/1.1 204 No Content
HTTP/1.1 204 No Content
Content-Length: 0
Date: Tue, 21 Mar 2017 01:19:19 GMT
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"
GET /gb/js/sem_77731842c771f6afd8d5aed228e8816f.js HTTP/1.1

Host: ssl.gstatic.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://www.google.no/?gfe_rd=cr&ei=ln_QWO7KJ82q8wfRkLOgCw
 216.58.211.131
HTTP/1.1 200 OK
Content-Type: text/javascript
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Date: Tue, 07 Mar 2017 10:32:55 GMT
Expires: Wed, 07 Mar 2018 10:32:55 GMT
Last-Modified: Fri, 03 Mar 2017 08:15:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 20101
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1176384
Alt-Svc: quic=":443"; ma=2592000; v="37,36,35"