Overview

URL wow2005.org/2017
IP166.78.103.6
ASNAS19994 Rackspace Hosting
Location United States
Report completed2018-07-06 06:30:40 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-07-06 2 wow2005.org/2017 Phishing
2018-07-06 2 parkingcrew.net/assets/scripts/js3.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 166.78.103.6

Date UQ / IDS / BL URL IP
2018-08-24 05:11:35 +0200
0 - 0 - 1 zv05.com/down/sf11.exe 166.78.103.6
2018-07-14 04:17:45 +0200
0 - 0 - 1 gao.codomolab.com/css/flashplayer.cpl 166.78.103.6
2018-07-02 21:07:25 +0200
0 - 0 - 2 zldejarhksflwk.com/ 166.78.103.6
2018-07-01 04:55:22 +0200
0 - 3 - 0 francescaferrara.net/2010/12/13/digital-hypoc (...) 166.78.103.6
2018-06-28 04:49:26 +0200
0 - 0 - 1 mimirswell.cliptrash.com/blog-55 166.78.103.6
2018-06-27 00:13:41 +0200
0 - 0 - 1 atlantawebdesign1.info/2012/10/03/the-non-exp (...) 166.78.103.6
2018-06-11 11:11:44 +0200
0 - 0 - 1 facescene.net/ 166.78.103.6
2018-05-27 03:43:11 +0200
0 - 0 - 1 www.francescaferrara.net/2009/06/03/a-napoli- (...) 166.78.103.6
2018-05-25 05:28:22 +0200
0 - 0 - 1 www.wavtools.com/download/ez-wav-to-mp3-encod (...) 166.78.103.6
2018-05-16 23:08:33 +0200
0 - 0 - 1 get.buzzrepo.com/n/3.1.39/12809058/GUNSHIP%20 (...) 166.78.103.6

Last 10 reports on ASN: AS19994 Rackspace Hosting

Date UQ / IDS / BL URL IP
2019-06-30 00:52:37 +0200
0 - 0 - 0 ncpsolutions.com 184.106.55.64
2019-06-27 15:48:42 +0200
0 - 0 - 0 alphatools.com.br/media/anbima_melhores_prati (...) 184.106.108.232
2019-06-27 15:37:50 +0200
0 - 0 - 0 www.inoa.com.br/ 184.106.108.232
2019-06-27 07:51:31 +0200
0 - 0 - 0 tkmaxx.com 198.101.161.134
2019-06-26 20:34:12 +0200
0 - 0 - 0 https://www.roundtableonlineordering.com/#con (...) 173.203.40.31
2019-06-26 19:38:56 +0200
0 - 0 - 0 redapple.com 23.253.58.227
2019-06-26 19:17:23 +0200
0 - 0 - 0 redapple.com 23.253.58.227
2019-06-26 04:50:18 +0200
0 - 0 - 0 https://www.wholesalesuppliesplus.com/Bottles (...) 162.242.188.244
2019-06-25 20:43:50 +0200
0 - 0 - 0 10d975b7e3ad235c50efd1877683285d@aacnnursing.org 173.203.39.41
2019-06-25 17:46:35 +0200
0 - 0 - 0 198.61.254.6 198.61.254.6

Last 10 reports on domain: wow2005.org

Date UQ / IDS / BL URL IP
2019-06-10 08:12:52 +0200
0 - 0 - 1 wow2005.org/inter 34.254.1.203
2019-06-10 08:12:50 +0200
0 - 0 - 1 wow2005.org/jdr 34.254.1.203
2019-06-10 08:12:49 +0200
0 - 0 - 1 wow2005.org/index.html 34.254.1.203
2019-06-10 08:12:48 +0200
0 - 0 - 1 wow2005.org/IlOysTgNjFrGtHtEAwVo/index.php 34.254.1.203
2019-06-10 08:11:56 +0200
0 - 0 - 1 wow2005.org/lff 34.254.1.203
2019-06-10 08:11:55 +0200
0 - 0 - 1 wow2005.org/bvv 34.254.1.203
2019-06-10 08:11:54 +0200
0 - 0 - 1 wow2005.org/pjx 34.254.1.203
2019-06-10 08:11:53 +0200
0 - 0 - 1 wow2005.org/interjishu 34.254.1.203
2019-05-13 17:47:43 +0200
0 - 0 - 1 wow2005.org/shujuku 34.254.1.203
2019-05-05 09:25:10 +0200
0 - 0 - 1 wow2005.org/wp-content 34.254.1.203


JavaScript

Executed Scripts (30)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 995, repeated: 1) - SHA256: 7c4357818b2bbebe222f3dc11a99acee397f7f71ab7db6bc66d74f8d388ab3d5

                                        < img height = "1"
width = "1"
border = "0"
alt = ""
src = "https://www.googleadservices.com/pagead/conversion/1038302480/?random=1530851411602&cv=9&fst=1530851411602&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&ref=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef"
style = "display:none" / >
                                    


HTTP Transactions (48)


Request Response
                                        
                                            GET /2017 HTTP/1.1 
Host: wow2005.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         166.78.103.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 06 Jul 2018 04:30:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Check: 3c12dc4d54f8e22d666785b733b0052100c53444
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1041
Md5:    21430a11990bc8764b1c155e0c97a170
Sha1:   9102728bd699353723f4b15b9760193c1dd9da77
Sha256: 02ef79b56fe1a3bc628371adee62bdaa5e730026ec48abfc6bb16fbf0280330a

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /assets/scripts/js3.js HTTP/1.1 
Host: parkingcrew.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://wow2005.org/2017

                                         
                                         185.53.179.29
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 06 Jul 2018 04:30:08 GMT
Content-Length: 17915
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2016 08:03:01 GMT
Etag: "57df9bb5-45fb"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text, with very long lines
Size:   17915
Md5:    db3cacfb57ba35d3fcfdbbcf7d46bd42
Sha1:   64034a7b579d0fb46cc71417ff038da23886d6c8
Sha256: a606134e35db97024d04789609660c94f87f660dc259d91db5180e32787d4dad

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /track.php?domain=wow2005.org&toggle=browserjs&uid=MTUzMDg1MTQwNy42MzU0OjdhYjJhNjljYzk5MTUxYzYzZDY5MDBiMjkzMTdjMGQyNDdlNzY1MWY1OWUwOTZiMDg2YjI0MzgzNWUyMDI1ZTI6NWIzZWYwNGY5YjIxYQ%3D%3D HTTP/1.1 
Host: wow2005.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://wow2005.org/2017

                                         
                                         166.78.103.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 06 Jul 2018 04:30:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
                                        
                                            GET /track.php?click=1f674acfc827153533d83fec8788fe1cc6d67099&domain=wow2005.org&uid=MTUzMDg1MTQwNy42MzU0OjdhYjJhNjljYzk5MTUxYzYzZDY5MDBiMjkzMTdjMGQyNDdlNzY1MWY1OWUwOTZiMDg2YjI0MzgzNWUyMDI1ZTI6NWIzZWYwNGY5YjIxYQ%3D%3D&ts=fHx8ZDQxZDh8fHxidWNrZXQwNDl8fHx8NWIzZWYwNGY5YTkxM3x8fDE1MzA4NTE0MDcuOTgzfGY4ZGVmYzI1MzVlZGI0YTIyOGY5NDg5OGI5MmFhMmQwMDc3OTI2MGN8fHx8fDF8fHwwfDViM2VmMDRmOGJhMTVjODUxNThiNGY0OHx8fDB8fHx8fDB8MHx8fHx8fHx8fHwwfDF8NWIzZWYwNGY4YmExNWM4NTE1OGI0ZjQ4fDB8MHwxfDA%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1 
Host: wow2005.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://wow2005.org/2017

                                         
                                         166.78.103.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 06 Jul 2018 04:30:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Click-Track: '1f674acfc827153533d83fec8788fe1cc6d67099'
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: wow2005.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         166.78.103.6
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 06 Jul 2018 04:30:09 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2016 08:03:01 GMT
Etag: "57df9bb5-0"
Accept-Ranges: bytes


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         54.230.187.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162209
Date: Fri, 06 Jul 2018 04:30:09 GMT
Etag: "5b3eb602-1d7"
Expires: Sun, 08 Jul 2018 01:20:16 GMT
Last-Modified: Fri, 06 Jul 2018 00:21:22 GMT
Server: ECS (dca/5327)
X-Cache: Miss from cloudfront
Via: 1.1 3a1ecc9dcd42c75121657572bf7b2d34.cloudfront.net (CloudFront)
X-Amz-Cf-Id: fQVNfSBro90qMwvTjXOi3CM08_mXAqW8ZB43J3M48mk53ToWVFSIfQ==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    13bf094eada424eae74a4938c2b7d416
Sha1:   2245d3c86f83b9966a375828f89778f62e158a51
Sha256: 8358b16ab1555eb6895a8447e411bfe621b1756d103b6a65df250c0552105851
                                        
                                            POST / HTTP/1.1 
Host: ocsp.rootca1.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
                                         54.230.187.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 1426
Connection: keep-alive
Date: Fri, 06 Jul 2018 04:30:09 GMT
Server: WEBrick/1.3.1 (Ruby/2.3.6/2017-12-14)
X-Cache: Miss from cloudfront
Via: 1.1 028b99aa24684800a2763651fc3fcbbb.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ahKFqanUI-RF-FD1xQvrCT2nMLjR6JXoMDAHTCQEZNfTZEsshSeOyg==


--- Additional Info ---
Magic:  data
Size:   1426
Md5:    59c1998cc486f03179f100fcbe844286
Sha1:   bf2dc7357ee2e230269ee90cf9e73d85af27bd67
Sha256: d2b063015f0663e31c67dc6428df206f047d8d979c4c55f3ff2cf4f35defbc78
                                        
                                            GET /tr?id=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjA3MDYwNDMwIiwiZCI6IndvdzIwMDUub3JnIn0.CQUWrbd4ffjjpd7eAKrEw48Qs3xIHlP4MVQotcM4_A4 HTTP/1.1 
Host: katie.runtnc.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://wow2005.org/2017

                                         
                                         52.23.126.71
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 06 Jul 2018 04:30:10 GMT
Content-Length: 2110
Connection: keep-alive
P3P: CP="CUR NOI NID STA STP"
X-Robots-Tag: noindex, nofollow
Set-Cookie: checkme=633ed747a30c141a927a804cf9cbf0b8b789; Path=/


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   2110
Md5:    b747bf89e721c795cae679f8dfb6059e
Sha1:   7a645cf0dcebfb10a15200080b3f840923b71452
Sha256: 24c540d1088eb50701d51a2fe6753fbfb536ee1c1f555e4acd38291a89b357f3
                                        
                                            GET /trx?id=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r&confirm=633ed747a30c141a927a804cf9cbf0b8&size=886704&noframe=1&ref=http://wow2005.org/2017&reftaken=feed&refEqual=true HTTP/1.1 
Host: katie.runtnc.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://katie.runtnc.net/tr?id=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjA3MDYwNDMwIiwiZCI6IndvdzIwMDUub3JnIn0.CQUWrbd4ffjjpd7eAKrEw48Qs3xIHlP4MVQotcM4_A4
Cookie: checkme=633ed747a30c141a927a804cf9cbf0b8b789

                                         
                                         52.23.126.71
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 06 Jul 2018 04:30:10 GMT
Content-Length: 233
Connection: keep-alive
P3P: CP="CUR NOI NID STA STP"
X-Robots-Tag: noindex, nofollow
Referrer-Policy: no-referrer


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   233
Md5:    cd6a0935bc6ce13edeeca4f519370c13
Sha1:   9569b9660dc3935e243506ddca8ae5e23399ade7
Sha256: 2295551d64478a11cf503fe0617ca548b2a53b2dc1d529c76affa9de20e16d25
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: katie.runtnc.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: checkme=633ed747a30c141a927a804cf9cbf0b8b789

                                         
                                         52.23.126.71
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 06 Jul 2018 04:30:10 GMT
Content-Length: 150
Connection: keep-alive
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   150
Md5:    84241342d84ac29592a5d9516f8edf7f
Sha1:   03c53980e18e17625f439c20e7d438f066202428
Sha256: 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c
                                        
                                            GET /includes/router_land.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&keyword=59b55618d8c3ee3a0b0a7e58&lpx=tef&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Date: Fri, 06 Jul 2018 04:18:46 GMT
Location: http://www.reimageplus.com/lp/teg/index.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Connection: Keep-Alive
Set-Cookie: X-Mapping-fjhppofk=8EB7C1D4029F1355B7CBC09E2173829E; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D59b55618d8c3ee3a0b0a7e58%26lpx%3Dtef%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/ _testcookie=test; expires=Fri, 06-Jul-2018 04:24:46 GMT; path=/ rmo=true; expires=Mon, 20-Aug-2018 04:18:46 GMT; path=/; domain=reimageplus.com marketnetwork_subid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=reimageplus.com
Content-Length: 22


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    a0501a98ab1b294fd669c2ecd1b8c027
Sha1:   ecd8ceda437c617578af895ce922b9497f20938b
Sha256: cada81a8faf83daa504d843d0795ec58a6f77bd94a28345385cdb54cef383832
                                        
                                            GET /lp/teg/index.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=8EB7C1D4029F1355B7CBC09E2173829E; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D59b55618d8c3ee3a0b0a7e58%26lpx%3Dtef%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd; _testcookie=test; rmo=true

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Date: Fri, 06 Jul 2018 04:18:46 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: Keep-Alive
Set-Cookie: PHPSESSID=2852o6kcd16bj841ijm9nfopl4; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _testcookie=test; expires=Fri, 06-Jul-2018 04:24:46 GMT; path=/
Content-Length: 4014


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4014
Md5:    f6ca2e94b5038d8466931a5c06413ca3
Sha1:   d687d5d578b7dee27449c529823b194555c42956
Sha256: aea04db6050a5c0daf40af5671746476e1195475b4bd354be6dcf54f122343eb
                                        
                                            GET /ajax/libs/jquery/1.5.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         216.58.207.202
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 29839
Date: Wed, 27 Jun 2018 19:08:14 GMT
Expires: Thu, 27 Jun 2019 19:08:14 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 724916


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29839
Md5:    9a9b2acb8c0cf46985e07996f688b43d
Sha1:   341c927be8f8344f30afb46d49ce6b5e3da62c7d
Sha256: 0b1e12a7712d7b092fd5e1b2724d6e248670ff82620ec75e24105b6b127e3ca8
                                        
                                            GET /lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef
Cookie: X-Mapping-fjhppofk=8EB7C1D4029F1355B7CBC09E2173829E; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D59b55618d8c3ee3a0b0a7e58%26lpx%3Dtef%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd; _testcookie=test; rmo=true; PHPSESSID=2852o6kcd16bj841ijm9nfopl4

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Date: Fri, 06 Jul 2018 04:18:46 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: Keep-Alive
Set-Cookie: _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/ _testcookie=test; expires=Fri, 06-Jul-2018 04:24:46 GMT; path=/
Content-Length: 10244


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10244
Md5:    6a49d195fc4267727aa1395363a5a478
Sha1:   0c5ffb66f3fe1b7deca586b26f3cc2af72d23374
Sha256: 21679e5eeefe5002a3dfe24d70bbcb5eec54b42f6e07013e85cff6d31d12ecd4
                                        
                                            GET /website/newwebsite/lp/tef/Win7.gif HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef
Cookie: rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 06 Jul 2018 04:30:11 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1468501926"
Cache-Control: max-age=86400
Content-Length: 3059
Last-Modified: Thu, 14 Jul 2016 13:12:06 GMT
X-HW: 1530851411.dop006.sk1.t,1530851411.cds013.sk1.c


--- Additional Info ---
Magic:  GIF image data, version 89a, 60 x 62
Size:   3059
Md5:    72edefcd39d81e6d207b19834e6941ef
Sha1:   03e824da65cf1fbb8849c06df5fee4f753d3d8ce
Sha256: 41e53e6880391a2ffdcecfc04969e62ade0e3383c54aed8c281a3c5c122a5f3c
                                        
                                            GET /meter/www.reimageplus.com/23.gif HTTP/1.1 
Host: images.scanalert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         54.192.185.176
HTTP/1.1 200 OK
Content-Type: image/png; charset=UTF-8
                                        
Content-Length: 3005
Connection: keep-alive
Date: Fri, 06 Jul 2018 03:42:44 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: public
Expires: Fri, 06 Jul 2018 04:42:44 GMT
Content-Encoding: gzip
Age: 2847
X-Cache: Hit from cloudfront
Via: 1.1 dd4af21493d3ba23c0054c0878d3d120.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 7SQZLoAXm5P69CCfLX2Fn2jLKfnKIqVla1MzNT-Q3TLpyC7K1Y2M3g==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   3005
Md5:    102539419ea49058a5fd78365f742469
Sha1:   e4e891e5dc0d2c41eabf5dd8b497c191c287560a
Sha256: 7d59d63d95e75cf20757455fb4c3cc5333a2aacbf0424fc92a7a01ad3b694370
                                        
                                            GET /lp/teg/css/style.css HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef
Cookie: X-Mapping-fjhppofk=8EB7C1D4029F1355B7CBC09E2173829E; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D59b55618d8c3ee3a0b0a7e58%26lpx%3Dtef%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd; _testcookie=test; rmo=true; PHPSESSID=2852o6kcd16bj841ijm9nfopl4; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 06 Jul 2018 04:18:46 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Mon, 30 Apr 2018 09:28:27 GMT
Content-Length: 2236


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2236
Md5:    402e8750b1727e1189633549832e0ea2
Sha1:   63d1c8cd2166c77c67418b5d5a71575e42471a3f
Sha256: 01ed7642b7830a4cf0761b7de9444407c2298e386d333c3097d5f75519751ca4
                                        
                                            GET /website/newwebsite/lp/tef/plus.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/css/style.css
Cookie: rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 06 Jul 2018 04:30:11 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1468501922"
Cache-Control: max-age=86400
Content-Length: 624
Last-Modified: Thu, 14 Jul 2016 13:12:02 GMT
X-HW: 1530851411.dop006.sk1.t,1530851411.cds058.sk1.c


--- Additional Info ---
Magic:  PNG image, 25 x 25, 8-bit/color RGB, non-interlaced
Size:   624
Md5:    47c1d3ee311e193de0cdd6e5b1a2eb4d
Sha1:   7f9d1d0cc1ffb72d64a75a088e8e9a1f105065c0
Sha256: 8c075719560b586b0c32318f5e963c3fea585c32a88cb874495c931e28f77ef9
                                        
                                            GET /pagead/conversion.js HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Fri, 06 Jul 2018 04:30:11 GMT
Expires: Fri, 06 Jul 2018 04:30:11 GMT
Cache-Control: private, max-age=3600
Etag: 8481826932034581888
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 7129
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   7129
Md5:    856a3fabd598fffe6dafc8fddd0c223e
Sha1:   a89bfce92ef53aef1273413b72ca43fa11fcb8e5
Sha256: 78adcaa048518bf97df3a802e48c62d66ef3e7ffae3f2559b3a168f473b6b3f1
                                        
                                            GET /website/newwebsite/lp/tef/download.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/css/style.css
Cookie: rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 06 Jul 2018 04:30:11 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1468501926"
Cache-Control: max-age=86400
Content-Length: 368
Last-Modified: Thu, 14 Jul 2016 13:12:06 GMT
X-HW: 1530851411.dop010.sk1.t,1530851411.cds058.sk1.c


--- Additional Info ---
Magic:  PNG image, 21 x 20, 8-bit/color RGB, non-interlaced
Size:   368
Md5:    3158e13e8184dbb60eada6725e897a95
Sha1:   9ee305bdd713bde36a49f580962cc83658b71f55
Sha256: da30e4140b53e29b452d18fdbe53efa3068e586f9d00f68da0ed2a68cbfab310
                                        
                                            GET /tracker/track.php?&tracking=Ton&campaign=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&lpx=tef HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef
Cookie: X-Mapping-fjhppofk=8EB7C1D4029F1355B7CBC09E2173829E; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D59b55618d8c3ee3a0b0a7e58%26lpx%3Dtef%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd; _testcookie=test; rmo=true; PHPSESSID=2852o6kcd16bj841ijm9nfopl4; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
P3P: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml"
Date: Fri, 06 Jul 2018 04:18:46 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: Keep-Alive
Set-Cookie: _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _trackid=5253741269; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _trackid_5253741269=5253741269; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _tracking=Ton; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _tracking_Ton=Ton; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _campaign=RON-NO-DESKTOP-Zero_tef; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _campaign_RON-NO-DESKTOP-Zero_tef=RON-NO-DESKTOP-Zero_tef; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _adgroup=direct; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _adgroup_direct=direct; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _keyword=59b55618d8c3ee3a0b0a7e58; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _keyword_59b55618d8c3ee3a0b0a7e58=59b55618d8c3ee3a0b0a7e58; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _ads=direct; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _ads_direct=direct; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _browser=Firefox; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _browser_Firefox=Firefox; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _country=Norway; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com _country_Norway=Norway; expires=Tue, 04-Sep-2018 04:18:46 GMT; path=/; domain=reimageplus.com
Content-Length: 20


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
                                        
                                            GET /assets/styles/jquery.fancybox/jquery.fancybox-2.css HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef
Cookie: X-Mapping-fjhppofk=8EB7C1D4029F1355B7CBC09E2173829E; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D59b55618d8c3ee3a0b0a7e58%26lpx%3Dtef%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd; _testcookie=test; rmo=true; PHPSESSID=2852o6kcd16bj841ijm9nfopl4; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 06 Jul 2018 04:18:46 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Connection: Keep-Alive
Content-Length: 1606


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1606
Md5:    39c87544233ef0fafef3816c7dc083d1
Sha1:   b5a214c16e29bb922d7dd247c8cd4ab32a48ec15
Sha256: e39857dbe26db2b9569d4ee2d3246135a51f76684c0caa76a4b7ba1d63f0b8ea
                                        
                                            GET /dc.js HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         74.125.131.154
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Fri, 06 Jul 2018 04:00:24 GMT
Expires: Fri, 06 Jul 2018 06:00:24 GMT
Last-Modified: Fri, 18 May 2018 01:10:24 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17093
Cache-Control: public, max-age=7200
Age: 1787


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17093
Md5:    5f65521f6c6223e1e18cb161832bea2a
Sha1:   f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
Sha256: 787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
                                        
                                            GET /assets/scripts/jquery.fancybox/jquery.fancybox-2.js HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef
Cookie: X-Mapping-fjhppofk=8EB7C1D4029F1355B7CBC09E2173829E; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D59b55618d8c3ee3a0b0a7e58%26lpx%3Dtef%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd; _testcookie=test; rmo=true; PHPSESSID=2852o6kcd16bj841ijm9nfopl4; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Apache/2.2.15 (CentOS)
Date: Fri, 06 Jul 2018 04:18:47 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Sun, 07 Jun 2015 06:06:18 GMT
Content-Length: 48716


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   48716
Md5:    932c065e6c0658681ca19a34d45981f4
Sha1:   7e10f6aba5d7bc1b21e0c62ba107ac5593c039d8
Sha256: 1a2da275a2f66503da340a4b38a064c5329d8b3f03eb057dee553786482c4874
                                        
                                            GET /website/newwebsite/lp/tef/minus.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/css/style.css
Cookie: rmo=true; _trackid=5253741269; _trackid_5253741269=5253741269; _tracking=Ton; _tracking_Ton=Ton; _campaign=RON-NO-DESKTOP-Zero_tef; _campaign_RON-NO-DESKTOP-Zero_tef=RON-NO-DESKTOP-Zero_tef; _adgroup=direct; _adgroup_direct=direct; _keyword=59b55618d8c3ee3a0b0a7e58; _keyword_59b55618d8c3ee3a0b0a7e58=59b55618d8c3ee3a0b0a7e58; _ads=direct; _ads_direct=direct; _browser=Firefox; _browser_Firefox=Firefox; _country=Norway; _country_Norway=Norway; __utma=141870001.1683624580.1530851412.1530851412.1530851412.1; __utmb=141870001.1.10.1530851412; __utmc=141870001; __utmz=141870001.1530851412.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 06 Jul 2018 04:30:12 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1468501925"
Cache-Control: max-age=86400
Content-Length: 580
Last-Modified: Thu, 14 Jul 2016 13:12:05 GMT
X-HW: 1530851412.dop006.sk1.t,1530851412.cds008.sk1.c


--- Additional Info ---
Magic:  PNG image, 25 x 25, 8-bit/color RGB, non-interlaced
Size:   580
Md5:    27e624f58dfbc7e0b9d4d475181fc2dd
Sha1:   844b10905ee3fe43aa080ed9c48e379e82cca94b
Sha256: c5edda2dd802c5d9d437729d83c888306918e94262111bd24e3dc78560b7c6bd
                                        
                                            GET /r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=330594149&utmhn=www.reimageplus.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmhid=1607115977&utmr=0&utmp=%2Flp%2Fteg%2Findex_src.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&utmht=1530851412272&utmac=UA-24411584-1&utmcc=__utma%3D141870001.1683624580.1530851412.1530851412.1530851412.1%3B%2B__utmz%3D141870001.1530851412.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1940244136&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         74.125.131.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Fri, 06 Jul 2018 04:30:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 06 Jul 2018 04:30:12 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    b584c40b60bef70ca8a922dbc803dfe7
Sha1:   c7a7f444ea22b5f56563feac492681e4c1801cd5
Sha256: e943a0beba03cffc8a610e8e8756afd420d9337464cd97011577d42786f81857
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 06 Jul 2018 04:30:12 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /js/1.js HTTP/1.1 
Host: cdn.ywxi.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         54.192.185.247
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Content-Length: 2693
Connection: keep-alive
Date: Fri, 06 Jul 2018 03:37:03 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expires: Fri, 06 Jul 2018 04:37:03 GMT
Content-Encoding: gzip
Age: 3189
X-Cache: Hit from cloudfront
Via: 1.1 5298d14814ac28e02807dcd709261cca.cloudfront.net (CloudFront)
X-Amz-Cf-Id: t_huNUFIqhN_pj8rebZHEX6PiDGUKW0bjnoMKkLzq1W2gYtswvwPTg==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   2693
Md5:    ec445ae4fa3a03d84cc90368467ee9a3
Sha1:   82df3eb182e1dd958a5313b440dda6e6244c5b32
Sha256: cd357ed0c8ceda8c96bb9ff6d482d5891f3e865a60ccc660ee1ee0a80fdedd2a
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: katie.runtnc.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: checkme=633ed747a30c141a927a804cf9cbf0b8b789

                                         
                                         52.23.126.71
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 06 Jul 2018 04:30:12 GMT
Content-Length: 150
Connection: keep-alive
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   150
Md5:    84241342d84ac29592a5d9516f8edf7f
Sha1:   03c53980e18e17625f439c20e7d438f066202428
Sha256: 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c
                                        
                                            GET /pagead/conversion/1038302480/?random=1530851411602&cv=9&fst=1530851411602&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&ref=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         216.58.207.194
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Fri, 06 Jul 2018 04:30:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038302480/?random=890269465&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&ref=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=VPA-W52CHcWQZPCkpLgO&crd=CKrPGw&gsr=
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 06 Jul 2018 04:30:12 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    4cbf303bbff6ea659cf4a895f5c6d719
Sha1:   1c0f1ece48d0e4221eb3cfe2d20a612f374c9246
Sha256: 13522b7b297e799af6a965efa642626113a45bdf2ae5456d3088e8b7f7109a96
                                        
                                            GET /pagead/viewthroughconversion/1038302480/?random=890269465&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&ref=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=VPA-W52CHcWQZPCkpLgO&crd=CKrPGw&gsr= HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         172.217.21.162
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Fri, 06 Jul 2018 04:30:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: https://www.google.com/ads/user-lists/1038302480/?random=890269465&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&ref=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGw&cdct=2&is_vtc=1&random=2331097352&resp=GooglemKTybQhCsO
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Fri, 06-Jul-2018 04:45:12 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 06 Jul 2018 04:30:12 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    c528eeba8d46e4bedf60be0c54621026
Sha1:   dbc22302d79aecfe85ecdc40a631e0407cfe2dba
Sha256: b3116367f7f03f45cfadd5219728d6f9e9212efd1b18dddedd89a712dc7e7a56
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 06 Jul 2018 04:30:12 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    b7a135f132ae93a7ec45778f4059cd2a
Sha1:   84c91199240f92df55ad3dd571378f76290fe921
Sha256: 43627f038fd37de09d536864bed96ba9df6b5f9c8e5d100ef4bfb602112969c1
                                        
                                            GET /ads/user-lists/1038302480/?random=890269465&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&ref=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D59b55618d8c3ee3a0b0a7e58%26context%3D01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd%26nms%3D1%26lpx%3Dtef&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGw&cdct=2&is_vtc=1&random=2331097352&resp=GooglemKTybQhCsO&ipr=y&ulfeg=n HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 06 Jul 2018 04:30:12 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
Server: adclick_server
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /mfesecure-public/host/reimageplus.com/client.js HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         52.218.241.8
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: 2ukabjHprTxTFYo1GSOhbWLEJik9KTlWK0SMLspHfrQfbvlIerETtvIsCdPgfDgF9SFLM5GExTc=
x-amz-request-id: FAC85F74AB013A61
Date: Fri, 06 Jul 2018 04:30:13 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 04 Jul 2018 02:45:55 GMT
Etag: "b59090b7bbb33a367b6eb82bfd4c2069"
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: zpgJgyafpPTJRX3FMSIXbikPmwDuR0wr
Accept-Ranges: bytes
Content-Length: 160
Server: AmazonS3


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   160
Md5:    b59090b7bbb33a367b6eb82bfd4c2069
Sha1:   0c53207950f764fbf55faa604139faf5c8158c18
Sha256: 434367e7c517a675611a8756bae9e5d007efd2336c1ce6af3fc1b80bc6673fa1
                                        
                                            GET /static/img/tm-float.png HTTP/1.1 
Host: cdn.ywxi.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         54.192.185.247
HTTP/1.1 200 OK
Content-Type: image/png; charset=UTF-8
                                        
Content-Length: 9330
Connection: keep-alive
Date: Fri, 27 Apr 2018 01:07:47 GMT
Expires: Sat, 28 Apr 2018 01:07:47 GMT
Cache-Control: public, max-age=86400
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Etag: "HioVbLUyInv"
Last-Modified: Thu, 26 Apr 2018 22:02:54 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Age: 11945
X-Cache: Hit from cloudfront
Via: 1.1 5298d14814ac28e02807dcd709261cca.cloudfront.net (CloudFront)
X-Amz-Cf-Id: PuQHZEL7NbopFRpYWdcWnWyzjQuRqT_hUZBusGWq3TpvMdy2d2jcBQ==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   9330
Md5:    c4c9391d05918c1a7045dff82c1391b2
Sha1:   be2ec6556d902ae0d78fa62cf2cb2751f357e8c0
Sha256: ec706c9c38eb71c40deb0d3deb2abe51058dc256910bfde4ef76d2a2bae24f61
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         54.230.187.22
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167908
Date: Fri, 06 Jul 2018 04:30:12 GMT
Etag: "5b3e965b-1d7"
Expires: Sun, 08 Jul 2018 02:52:26 GMT
Last-Modified: Thu, 05 Jul 2018 22:06:19 GMT
Server: ECS (dca/5328)
X-Cache: Miss from cloudfront
Via: 1.1 3a1ecc9dcd42c75121657572bf7b2d34.cloudfront.net (CloudFront)
X-Amz-Cf-Id: EpA0jBBJ-5o6hwSZkg1G6tQFiVXJp-ExfzM0eSIC-WMwp8JL1Ml3kA==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    a1c0bc4c9673010057022639b837cdde
Sha1:   fe5f3938933cc9cf8a40ff67ffcd5db40a923bc3
Sha256: 7d5405a496f34bc96b07092011c748773ae8a589017ef91dc0e0b2cacc201235
                                        
                                            GET /js/1.js HTTP/1.1 
Host: cdn.trustedsite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         54.192.185.80
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Content-Length: 3509
Connection: keep-alive
Date: Fri, 06 Jul 2018 04:12:07 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expires: Fri, 06 Jul 2018 05:12:07 GMT
Content-Encoding: gzip
Age: 1086
X-Cache: Hit from cloudfront
Via: 1.1 ba66aaac82355794be6a26dfdb6258e6.cloudfront.net (CloudFront)
X-Amz-Cf-Id: sHyCuUrzGAkraNLvbyNnZTVgeWpHJ06V74UJUNsZB3iFVHWhOXhN0w==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   3509
Md5:    0aa5787925fccdf98974dcabe5fd337e
Sha1:   8e346dbdd290586505b684651efa6b94563f4310
Sha256: b816f829d4cddbd3b76ebea842e9f49ccc089738d70be0d3f30d8b8c2cbbf565
                                        
                                            GET /trustedsite-public/host/reimageplus.com/client.js HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         52.218.241.8
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: KGHon8MJ0Nvo/KQ/OM6/+KLjdBkXKTooEZvX87wwrX4HUN2EJsFy1k9gxoIQe2QdhG3kmEstxhY=
x-amz-request-id: FBC61319929503F8
Date: Fri, 06 Jul 2018 04:30:14 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 04 Jul 2018 23:05:38 GMT
Etag: "99a45cba3096b08317048a968af70cbd"
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: Otnbc0GHkBiRt7w2FfDBHNevvLnNWi3E
Accept-Ranges: bytes
Content-Length: 148
Server: AmazonS3


--- Additional Info ---
Magic:  data
Size:   207
Md5:    46db5c356633b731b758c097c9a2b75f
Sha1:   8b6d8129b1a302260de0b56b9ec5e3a160359c85
Sha256: c77ca322892cc910fb47464e039b10cfec1e127c8bd6eadd6283110a3cdd7dd8
                                        
                                            POST / HTTP/1.1 
Host: gp.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1415
Content-Transfer-Encoding: binary
Cache-Control: max-age=490625, public, no-transform, must-revalidate
Last-Modified: Wed, 4 Jul 2018 20:47:18 GMT
Expires: Wed, 11 Jul 2018 20:47:18 GMT
Date: Fri, 06 Jul 2018 04:30:13 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1415
Md5:    a6c7d055128b03a361a3c75ebcef449c
Sha1:   d7a18a4ef90638a96b712ea193faa6a302ed7a9c
Sha256: 4b3dd97e728a34d3037d4da34a4e1c0b9333e5befaf8126d4bae60894d1c1fd0
                                        
                                            GET /rpc/ajax?do=tmjs-visit&host=reimageplus.com&rand=1530851412873 HTTP/1.1 
Host: www.mcafeesecure.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         54.187.107.242
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Date: Fri, 06 Jul 2018 04:30:13 GMT
Content-Length: 40
Connection: keep-alive
Set-Cookie: AWSALB=hrrxsaTvhnQPnVOno6JsZr89pH0KjF1+8r89uHEjVWutPEhVLKsCbfRKQl8JjGVKJwZzJhMNrlqJ8YcClCi1USsO/MYsnyCBpHUIveVkVt0CO/ZJ/uArNBbTsW4N; Expires=Fri, 13 Jul 2018 04:30:13 GMT; Path=/
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   40
Md5:    9c64f26007df210923bbc150d8e84501
Sha1:   6bdc468fef6643cda1409597f98d889fa3ca276b
Sha256: 6ade2d1806c3eddab0206c7ae450d88c40cda63c00f65615a21453f06067a1f7
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=8EB7C1D4029F1355B7CBC09E2173829E; _testcookie=test; rmo=true; PHPSESSID=2852o6kcd16bj841ijm9nfopl4; _trackid=5253741269; _trackid_5253741269=5253741269; _tracking=Ton; _tracking_Ton=Ton; _campaign=RON-NO-DESKTOP-Zero_tef; _campaign_RON-NO-DESKTOP-Zero_tef=RON-NO-DESKTOP-Zero_tef; _adgroup=direct; _adgroup_direct=direct; _keyword=59b55618d8c3ee3a0b0a7e58; _keyword_59b55618d8c3ee3a0b0a7e58=59b55618d8c3ee3a0b0a7e58; _ads=direct; _ads_direct=direct; _browser=Firefox; _browser_Firefox=Firefox; _country=Norway; _country_Norway=Norway; __utma=141870001.1683624580.1530851412.1530851412.1530851412.1; __utmb=141870001.1.10.1530851412; __utmc=141870001; __utmz=141870001.1530851412.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 06 Jul 2018 04:18:49 GMT
Location: http://www.reimageplus.com/images/reimage.ico
Connection: Keep-Alive
Content-Length: 253


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   253
Md5:    89fbda29cd4758e3ab1f35468df805c2
Sha1:   337a11ad7f3201d716eafe475be4744c14579cb1
Sha256: aa3c8a7d131750c62a273230a83039796256fc9b9f7cb160de4b7e97a39af71d
                                        
                                            GET /images/reimage.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=8EB7C1D4029F1355B7CBC09E2173829E; _testcookie=test; rmo=true; PHPSESSID=2852o6kcd16bj841ijm9nfopl4; _trackid=5253741269; _trackid_5253741269=5253741269; _tracking=Ton; _tracking_Ton=Ton; _campaign=RON-NO-DESKTOP-Zero_tef; _campaign_RON-NO-DESKTOP-Zero_tef=RON-NO-DESKTOP-Zero_tef; _adgroup=direct; _adgroup_direct=direct; _keyword=59b55618d8c3ee3a0b0a7e58; _keyword_59b55618d8c3ee3a0b0a7e58=59b55618d8c3ee3a0b0a7e58; _ads=direct; _ads_direct=direct; _browser=Firefox; _browser_Firefox=Firefox; _country=Norway; _country_Norway=Norway; __utma=141870001.1683624580.1530851412.1530851412.1530851412.1; __utmb=141870001.1.10.1530851412; __utmc=141870001; __utmz=141870001.1530851412.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: Apache/2.2.15 (CentOS)
Date: Fri, 06 Jul 2018 04:18:49 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Mon, 30 Apr 2012 13:14:46 GMT
Content-Length: 894


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   894
Md5:    d0c2bd29933d303826e58db070e10832
Sha1:   1a6f18c55c3cd9ea9ff9485afc30c213a6aeefef
Sha256: 3af4842e79f2e783c9a73e19493a10164df5cf27e7e2fb67fb51b2f99d3b4d84
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=8EB7C1D4029F1355B7CBC09E2173829E; _testcookie=test; rmo=true; PHPSESSID=2852o6kcd16bj841ijm9nfopl4; _trackid=5253741269; _trackid_5253741269=5253741269; _tracking=Ton; _tracking_Ton=Ton; _campaign=RON-NO-DESKTOP-Zero_tef; _campaign_RON-NO-DESKTOP-Zero_tef=RON-NO-DESKTOP-Zero_tef; _adgroup=direct; _adgroup_direct=direct; _keyword=59b55618d8c3ee3a0b0a7e58; _keyword_59b55618d8c3ee3a0b0a7e58=59b55618d8c3ee3a0b0a7e58; _ads=direct; _ads_direct=direct; _browser=Firefox; _browser_Firefox=Firefox; _country=Norway; _country_Norway=Norway; __utma=141870001.1683624580.1530851412.1530851412.1530851412.1; __utmb=141870001.1.10.1530851412; __utmc=141870001; __utmz=141870001.1530851412.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 06 Jul 2018 04:18:52 GMT
Location: http://www.reimageplus.com/images/reimage.ico
Connection: Keep-Alive
Content-Length: 253


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   253
Md5:    89fbda29cd4758e3ab1f35468df805c2
Sha1:   337a11ad7f3201d716eafe475be4744c14579cb1
Sha256: aa3c8a7d131750c62a273230a83039796256fc9b9f7cb160de4b7e97a39af71d
                                        
                                            GET /getseal?host_name=www.reimageplus.com&size=XS&use_flash=NO&use_transparent=YES&lang=en HTTP/1.1 
Host: seal.websecurity.norton.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /getseal?host_name=www.reimageplus.com&size=XS&use_flash=NO&use_transparent=YES&lang=en HTTP/1.1 
Host: seal.websecurity.norton.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=59b55618d8c3ee3a0b0a7e58&context=01b821f8dae425d853df6bd0b6db6718b41c8ba069.r.1530851407.6585260b73fa596f7033ef1f1100c5fd&nms=1&lpx=tef

                                         
                                         0.0.0.0
                                        


--- Additional Info ---