Overview

URL ctsexpo.com/
IP 154.95.222.140
ASN AS2905 TICSA-ASN
Location Seychelles
Report completed 2019-01-18 20:46:34 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-01-18 2 ctsexpo.com/ Malware
2019-01-18 2 www.ctsexpo.com/ Malware
2019-01-18 2 www.ctsexpo.com/html/oHSLEyqJDSAVUJ1PJ0MHIHODFkkoDD.js Malware
2019-01-18 2 www.ctsexpo.com/html/DHgPEyqpUHOHDI1RDSSHUIuPUISrE1kSI0NsJRR.js Malware
2019-01-18 2 www.ctsexpo.com/html/DHgPEyqpUHOHDI1RDSSHUIuPUIMVKSSqJ1SnDEkoDD.js Malware
2019-01-18 2 www.ctsexpo.com/html/DHgPEyqpUHOHDI1RDSSHUIuPUI1OI1kqJ1knUSuP.js Malware
2019-01-18 2 www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1oDE1oD0qHDRfpNkjTUNNsK1gsUSuP.js Malware
2019-01-18 2 www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1oDE1PExgqIjVsJRR.js Malware
2019-01-18 2 js.users.51.la/19418503.js Malware
2019-01-18 2 www.ctsexpo.com/ Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

No other reports on IP: 154.95.222.140


Last 10 reports on ASN: AS2905 TICSA-ASN

Date UQ / IDS / BL URL IP
2019-06-27 06:53:20 +0200 0 - 0 - 0 www.bj-jindian.com 45.203.121.232
2019-06-25 22:38:43 +0200 0 - 0 - 0 www.acaeglobal.com 154.0.168.131
2019-06-21 18:52:57 +0200 0 - 0 - 0 webdisk.gcu.org.za/ 154.0.174.58
2019-06-17 21:03:50 +0200 0 - 0 - 0 supernovafoundation.org/ 197.242.144.48
2019-06-14 15:20:09 +0200 0 - 0 - 0 interpol.ipudev.com 154.92.135.241
2019-06-14 13:18:56 +0200 0 - 0 - 0 www.naturalmedicina.net/7wns.js 45.197.81.109
2019-06-13 06:56:55 +0200 0 - 0 - 0 https://www.metrofilegroup.com 197.242.158.118
2019-06-12 14:50:16 +0200 0 - 0 - 0 https://eurostar-tgv.com/ 154.91.206.177
2019-06-12 14:49:02 +0200 0 - 0 - 0 eurostar-tgv.com/ 154.91.206.177
2019-06-11 00:58:00 +0200 0 - 0 - 1 www.nfcfzk.com/news/zmqy/5.html 154.81.100.208

No other reports on domain: ctsexpo.com



JavaScript

Executed Scripts (18)


Executed Evals (3)

#1 JavaScript::Eval (size: 261, repeated: 1) - SHA256: e74bc363acb8e5b162331ac01ad64cea3c3f0e50f3df47d2bf45d48dcdb7a94b

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 1,
    "vd": 1,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 1,
    "ekc": "",
    "sid": 1547840764595,
    "tt": "��8)L:_��8)L:Q@_8)��8�Q - home",
    "kw": "",
    "cu": "http://www.ctsexpo.com/",
    "pu": ""
})
                                    

#2 JavaScript::Eval (size: 4, repeated: 2) - SHA256: 5b8d2b991d2c1f5bf78beb557d17e6650086a267e5ffd4bb6f8aaa942c570f5d

                                        ({})
                                    

#3 JavaScript::Eval (size: 217, repeated: 1) - SHA256: 9d64f1823fd1d85a3c96ade3b71be46284f52f4cf5c82c1907a370b363486f85

                                        document.write('<center id="showcloneshengxiaon"><iframe scrolling="no" marginheight=0 marginwidth=0  frameborder="0" width="100%" width="1400" height="8050" src="https://42ye.com/?channel=S0001"></iframe></center>');
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 198, repeated: 1) - SHA256: 1d2d402649d09f0141228c132a4ffce567126689ffb7f6b44c395c4fe97cbb6f

<center id="showcloneshengxiaon"><iframe scrolling="no" marginheight=0 marginwidth=0 frameborder="0" width="100%" width="1400" height="8050" src="https://42ye.com/?channel=S0001"></iframe></center>
                                    


HTTP Transactions (59)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         154.95.222.140
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:26 GMT
Content-Length: 178
Connection: keep-alive
Location: http://www.ctsexpo.com/


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: text/html; charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.31
Set-Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6491
Md5:    c97bdd30566d7b0a505de6e6fa166530
Sha1:   02d930187a76b00450ef648c297a14f99fec1a14
Sha256: d5799da96a0822f6d08c3b214915f2988d072b3850e28f7a938fcbda59e7f4a4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: text/css;charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   11920
Md5:    b905a432cfa87039d666103fbecb37b0
Sha1:   4d490308fd6537f710518d916fd70bf79e74a08f
Sha256: 79574d707b5838ff7b930d1423c6bb6597bae6cee875a7198e8369ab40a490a0
                                        
                                            GET /html/oHSLEyqJDSAVUJ1PJ0MHIHODFkkoDD.js HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Content-Length: 95
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   95
Md5:    cb16b8b2fae1a2cb3ddba43817fdc763
Sha1:   c1bb1153a3ebb528f86fa5cc57ddd4bfbe9bd4af
Sha256: 66897f9cf68b725abd635d7dc7c1f4e91c80a41779c91bd25cf3a504d8f07407

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /html/oHSLEyqJDSAVUJ1PJ0MHIHODF21IUSSPDD.css HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: text/css;charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Content-Length: 20
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   20
Md5:    311749c1d5f9bcf240ca9c25eae61f47
Sha1:   29703f0938cab5945db52e553f3f22cbd7f0b478
Sha256: 183f83b69b6f7ced023f06bc9b98b2d00c9e08b5c627c1f6e9002f48f0bbfb5c
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1FDHRrIHODFkkFDHR.css HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: text/css;charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   828
Md5:    afc3c20ba76eddbd4d5e21ec212df80a
Sha1:   6334b969b05abe457c4eebd292a15e9af45c510e
Sha256: 98264918eda2e811b0399ab8430d03ccbb66b48f38fd2a0143cea7f0bae90377
                                        
                                            GET /html/J1kII0bsERSGUSSPDD.css HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: text/css;charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Content-Length: 306
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   306
Md5:    dd6d64fd97f30b802ff9b6fdbbc9ad70
Sha1:   f13241ce333d1bc084ca2265260b74bd9bb5aea7
Sha256: 40d417a0cb1e9a05942fe20d4ab6ce2782d31094d1157578ce0f80381ab4e7bd
                                        
                                            GET /html/DHgPEyqpUHOHDI1RDSSHUIuPUISrE1kSI0NsJRR.js HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   762
Md5:    bd9ef72189fc690d2271cf340001f0ef
Sha1:   6d70d4f758107c5c7f0d1dc8df15f1a56c1e2fd7
Sha256: 4c70975239ff086b0b635647f2fc2b34cd8e82b093009ee7418c8d0eb040bfba

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /html/DHgPEyqpUHOHDI1RDSSHUIuPUIMVKSSqJ1SnDEkoDD.js HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1112
Md5:    6d48c5a9d239ada9356bc37c90dd2ac7
Sha1:   cde5832c1cf36244105720aa1e738e379964186a
Sha256: e70d06f4cf5ff244fac58882605c1a0b00eb099f009557bd746f96d1498f68e5

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /html/DHgPEyqpUHOHDI1RDSSHUIuPUI1OI1kqJ1knUSuP.js HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Content-Length: 648
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   648
Md5:    ccdba8a8ed118a385b33092b30261504
Sha1:   e41c77d81641795fc0ccc109c4a058ee5ab94bce
Sha256: e28b393862a9191fe08877274ebcbb34d820752593fe4923b20782e5267a4c12

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1oDE1oD0qHDRfpNkjTUNNsK1gsUSuP.js HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   41350
Md5:    9ab80419470eed6cf960563bd9a25177
Sha1:   b98bf71baf704c0919754dff83397434899289bc
Sha256: 806a414cbe1f2025acab2c3fcfbdb752e7c407d3ab329d25b86d8944af5aa205

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1oDE1PExgqIjVsJRR.js HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   37860
Md5:    b907c571bd9b191fb1008212324ad7be
Sha1:   7c88bba582fff6c66580091127990eefd3b76802
Sha256: 9ad8c825cb39c02db8ae003f8efeebc41f22a78b4c1a4b609247355c92efcdd2

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "1B47A327BFD72355DCACF6C19A25E278410F45098616F234BF6AAC112ED97E57"
Last-Modified: Fri, 18 Jan 2019 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43200
Expires: Sat, 19 Jan 2019 07:46:03 GMT
Date: Fri, 18 Jan 2019 19:46:03 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    16bbbe9a27d51f414d550b2e6027be30
Sha1:   e7113afc3d4cb3292ceb6b4880af5132ac5bac2c
Sha256: 1b47a327bfd72355dcacf6c19a25e278410f45098616f234bf6aac112ed97e57
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 17 Jan 2019 22:30:17 GMT
Etag: "ddce2d18832f94a3a595001eff36ff1e27acc425"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=31146
Expires: Sat, 19 Jan 2019 04:25:09 GMT
Date: Fri, 18 Jan 2019 19:46:03 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    931594e8a9a8a7faf92071231dd4245c
Sha1:   ddce2d18832f94a3a595001eff36ff1e27acc425
Sha256: 52feba0b134aa93997a567d516dd7dc8e7df31b5c3bf9ba6ce9a6a7044b2e597
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrKy1JKEkOKSH.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 629 x 98, 8-bit/color RGBA, non-interlaced
Size:   125588
Md5:    e453553aa08e8e3e9b9f4314425318c7
Sha1:   0eaa47cf22ee88b262ef1e8c75fd54b84a657636
Sha256: 9c7aa9f3122a2930ea0a73e315476e81ecaddf091686530af9befa38748eccf9
                                        
                                            GET /html/NjLWNjbSPjbSOEkOKSH.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 280 x 280, 8-bit/color RGB, non-interlaced
Size:   1519
Md5:    b910494632b70723df985a3a3c29eeaa
Sha1:   de0500de3673667dd5de3806074601968f95d4d0
Sha256: ece996be5d35d721d685cdf2e112bfc3f8ae47ea2e686f2af560a5a9af222eb0
                                        
                                            POST /gsdomainvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Jan 2019 19:46:03 GMT
Content-Length: 1558
Connection: keep-alive
Set-Cookie: __cfduid=d703f15c6f1f760f021bf7ff089effc941547840763; expires=Sat, 18-Jan-20 19:46:03 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Fri, 18 Jan 2019 17:21:52 GMT
Expires: Tue, 22 Jan 2019 17:21:52 GMT
Etag: "5a0890ca2cb8467d5bbe16243bfc2c7a9b4a90b3"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 49b390c4a18942bb-OSL


--- Additional Info ---
Magic:  data
Size:   1558
Md5:    a9b190cf526d2b269acdc70e5a544d39
Sha1:   5a0890ca2cb8467d5bbe16243bfc2c7a9b4a90b3
Sha256: 35574835ca80993f135d36d9af0e90ddfb991cd9319cba097ef33aaca50bcde7
                                        
                                            GET /static.js HTTP/1.1 
Host: www.v-pack.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/

                                         
                                         156.235.245.2
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:51:32 GMT
Content-Length: 783
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   783
Md5:    b1dca8120633bf255c28cb466edd632e
Sha1:   1016fb73a97e552e2f53db1b63d0bca339dc4c1a
Sha256: 20825b3b74483afaa4e70371c0eda20c9599124ed9e128683c8eeabbd5cbc2e8
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrNtZsDykJ.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 199 x 60, 8-bit/color RGBA, non-interlaced
Size:   10301
Md5:    5cc32a75cab66e8a872f1ffdf07e92aa
Sha1:   9692884a8c044b14d1560bf7f5486658f99d12b2
Sha256: d5630dbc499817e1d8499b256490b4db19815d8d098591766cfd3134a97f645e
                                        
                                            GET /html/oJ1qKISDKu0QUKS0UDS1UDO1PaRQpKDNNKS3NaLQOaROqULNpNVVO3RTOz0POtbONtS0pJ0SOtg0PkkOKSH.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 1000 x 254, 8-bit/color RGBA, non-interlaced
Size:   281065
Md5:    2ce3d2d8c2cf13cf0d24c0fd1b095c74
Sha1:   e9cb788ae6999673752dd560f531aef1aed76d1a
Sha256: 1898830b4bb06f6dfa6867645c90764c81d55ed67e1be09dedeaf0752ed9e0df
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrNtRsDykJ.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 199 x 60, 8-bit/color RGBA, non-interlaced
Size:   8969
Md5:    db27c0926cf5ce2e78d79b8ebb7d743b
Sha1:   5d118f6fa51c44ca58ae77438842ccf2473bf9b8
Sha256: 448c260fb904c5913bba6ace8c3c7a815476812dca76fb8b7d28580ef2646906
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrNtLsDykJ.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 199 x 60, 8-bit/color RGBA, non-interlaced
Size:   4938
Md5:    a12d1c5aaf38d26a4f7f59ebcff5679d
Sha1:   6cb7387ca52bcf95362d517567d290fe2395a60b
Sha256: ce8e1190734ea947477d55f0336c2ba6dbdd12b47eb00456a0c01448f93c2563
                                        
                                            GET /html/oJ1qKISDKu10UDE0UDLOUKSlqNSmNNLWpDbWO3LQONgmq3NSpNRNpUAlNJ0NNNfVOUE3q20Sqtc3PkkOKSH.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 1000 x 254, 8-bit/color RGBA, non-interlaced
Size:   317689
Md5:    e6e40ccf3b248c885d269beb4b31bac3
Sha1:   96177264665575cd9cfeaa31e050b3e9b881993f
Sha256: 288ff7bfc4b609e53f5c92ce505dd6932fcea4e5cdcdc2bc07f4618e2f7007c8
                                        
                                            GET /html/oJ1qKISDKu0RUDZUUKqmUDHVOtbQq3DPNUS1PjNPPtO0OKZWpKOjqaOlOz13pDNPPtIlP20SNjfRqOkOKSH.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 1000 x 254, 8-bit/color RGBA, non-interlaced
Size:   268639
Md5:    516eb79482ef32cd92382e7a8cbadbc4
Sha1:   4922fee5996ae398ebe2b52574cfce43dcf3cdd3
Sha256: af8deb01e9224e505e36594e6467bdb75035442f4621f138ca2d7b9f15edcfe7
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrNtHsDykJ.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 199 x 60, 8-bit/color RGBA, non-interlaced
Size:   12550
Md5:    c1441fab034d76805b4be75688aa70de
Sha1:   777bf3b5b1df0897c2920da655faf3f7d6526e98
Sha256: 3008d55e1dc583568d9c0b4468428c1905221cf95b179079c92d086b870aa4ee
                                        
                                            GET /html/oJ1qKISDKu0SUKA3UDpPUDIjpDNQpDLTP3NVNKRSpUS1NtZPNUpQNNA0qT0PPtM1qURNN20SOUpOPukOKSH.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 1000 x 254, 8-bit/color RGBA, non-interlaced
Size:   290312
Md5:    4af537ac22c479b93c4bcd0132e221ef
Sha1:   4d2d02d986a945c49f7f7ff24d87a5304a11d2d7
Sha256: 22d17a7bb1942059b07b42827303d9d9e7a16d736ddd5fe0a596b36c04b5eb73
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 15 Jan 2019 14:21:55 GMT
Etag: F5A9E2AE2CEE74CFC9C792F60B7C0B7F351ECE90
X-OCSP-Responder-ID: mcdpcaocsp2
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=325558
Expires: Tue, 22 Jan 2019 14:12:02 GMT
Date: Fri, 18 Jan 2019 19:46:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    3f3daca1bde240dc0f8ad3a7f7460b49
Sha1:   f5a9e2ae2cee74cfc9c792f60b7c0b7f351ece90
Sha256: 10f89bcaf95ecc4240045798973e4336b9f3fa6906c5924a8e89bf6c3a2485b1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 13 Jan 2019 00:16:54 GMT
Etag: 995DBD550DD7989B84FB553F8F47F23A0143A872
X-OCSP-Responder-ID: mcdpcaocsp10
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=102051
Expires: Sun, 20 Jan 2019 00:06:55 GMT
Date: Fri, 18 Jan 2019 19:46:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    28ced7710b00fc1b3751229a2779a45b
Sha1:   995dbd550dd7989b84fb553f8f47f23a0143a872
Sha256: 3ad11770ed840859b8cd77d3b6b03baca93f7d629e120a942e02ea634ad1c676
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 13 Jan 2019 00:16:54 GMT
Etag: 8AFF32FADCC385E868FE51B56D421911F22CD79D
X-OCSP-Responder-ID: mcdpcaocsp4
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=101991
Expires: Sun, 20 Jan 2019 00:05:55 GMT
Date: Fri, 18 Jan 2019 19:46:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    a3adb39b1a30bd8a77498ec7dea84dc8
Sha1:   8aff32fadcc385e868fe51b56d421911f22cd79d
Sha256: a47043aee18309cbf74d8aeb7757d44645d5524034f60315030e2d8f5ec00f63
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrNtfsDykJ.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 199 x 60, 8-bit/color RGBA, non-interlaced
Size:   10230
Md5:    881d51562928c35ce8338b76652e54c4
Sha1:   b6b729df94f901a6d68b1548c97cfd7a86f68c82
Sha256: 70ff8e66c34cc186b568397083a7b38fd92458c1d07ac8581de551f3ec66cb61
                                        
                                            GET /19418503.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/

                                         
                                         157.185.172.184
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=UTF-8
                                        
Date: Fri, 18 Jan 2019 19:46:04 GMT
Content-Length: 4898
Connection: keep-alive
Server: nginx/1.14.0
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSkGIRmVuYKgUWyhpQlVqM+YNZtiieYL
Etag: "51d271b448396c5bc72b09839730d0d6"
x-id: 19418503
version-id: G001116542105590FFFF900B00816E63
Last-Modified: Thu Aug 16 17:28:11 CST 2018
request-id: 000001685EC171089007EEA9360BC63D
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Disposition: inline;filename=f.txt
Age: 62802
X-Via: 1.1 am76:1 (Cdn Cache Server V2.0)[539 200 2], 1.1 PSmgytldATL1xk138:5 (Cdn Cache Server V2.0)[0 200 0]


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   4898
Md5:    51d271b448396c5bc72b09839730d0d6
Sha1:   dc99368bbae019d104a76fd59c515d45a9c1168d
Sha256: 96a93c278d4757ca8194dfe429836ab0e751b0f493a33418a92dfdc309952b17

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrEy1OoIOJNjVONukOKSH.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 1020 x 1, 8-bit/color RGB, non-interlaced
Size:   969
Md5:    60ac3e73e468702102b4b0fa3cc28822
Sha1:   daafd3a05ba7494761567cf9b16dbf66b29b016e
Sha256: 808989aa9b556078b75b29ecbbac1de744a1b83dba42f41a209fb7ebd613fe10
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrK1qsEkkOKSH.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 2 x 20, 8-bit/color RGB, non-interlaced
Size:   117
Md5:    a6f381c851ea335ab14cc2b55d708440
Sha1:   ad71b7bd3dffdae0c702b52c5044e7d8facb758b
Sha256: 0e4f4e89eb88aeb68f65d0da6058a774b8f3b5adb32d5d52e86bb65d98dda7e2
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrHI1sEyALKSqQoIOJUSuOID.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/jpg
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   1406
Md5:    03c8c849bbc6e0dc9f6f6b7afa8be3cd
Sha1:   be1bec868caf8d76c50ff0027b80b2e4a0dc0d60
Sha256: e91c3400bcda4d42de91325cf7507c125c87e3d5eb987d8adf99812cd9ac0396
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrHSAsKSqQHS1WoIOJUSuOID.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/jpg
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   1976
Md5:    ac311bedf5e2c95ce55ab54ee73b3d11
Sha1:   b8ed721569d170165840344867b38403e643a2ab
Sha256: 026dce0b97ff98f5a54239412958b644df4de9d8a1a8aa87984f4d7d896315b3
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrFxcOJ1RsDykJ.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 216 x 112, 8-bit/color RGBA, non-interlaced
Size:   47949
Md5:    35b48ed44ea44c6d129198e97ea8a86c
Sha1:   bbcfb2f76ee890f659e8072b2fac4247165d396d
Sha256: 2623b0b81bdfda186c7cb104c295b0d956d10eb427581a642f4843626f207ef9
                                        
                                            GET /?channel=S0001 HTTP/1.1 
Host: 42ye.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/

                                         
                                         148.253.244.213
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 18 Jan 2019 19:46:04 GMT
Server: PWS/8.3.2.1
X-Px: nc h0-s4008.p11-fra ( h0-s2.p8-hkg>CONN), nc h0-s2.p8-hkg ( origin)
Etag: W/"5c403d3e-89a"
Content-Length: 1076
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 17 Jan 2019 08:30:54 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1076
Md5:    e788262f620dc09606fd2b5e082a51aa
Sha1:   baa0b93697c7dbd976929569a7e245358d273e2e
Sha256: d67b490042d58dfeeac591f2d3e98461e6fc66fdd61efcc2ad17cba81900308d
                                        
                                            GET /css/chunk-vendors.779f7d1d.css HTTP/1.1 
Host: 42ye.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://42ye.com/?channel=S0001

                                         
                                         148.253.244.213
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 18 Jan 2019 19:46:05 GMT
Server: PWS/8.3.2.1
X-Px: ms h0-s4008.p11-fra ( h0-s4007.p11-fra), ht-d h0-s4007.p11-fra.cdngp.net
Etag: W/"5c4020c3-9d86"
Age: 131502
Cache-Control: max-age=604800
Expires: Thu, 24 Jan 2019 07:14:23 GMT
Content-Length: 10408
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 17 Jan 2019 06:29:23 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10408
Md5:    f8673571f3fad304b18958d7fcbba4d5
Sha1:   d95fbc0f39381a5e4bfcd66017698d6c5820560f
Sha256: b9a7d9429236011a8fa97096eaaa49c202b53f8790e37520cb0093a0f8e23b21
                                        
                                            GET /css/app.954c90b4.css HTTP/1.1 
Host: 42ye.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://42ye.com/?channel=S0001

                                         
                                         148.253.244.213
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 18 Jan 2019 19:46:05 GMT
Server: PWS/8.3.2.1
X-Px: ms h0-s4008.p11-fra ( h0-s4007.p11-fra), ht-d h0-s4007.p11-fra.cdngp.net
Etag: W/"5c4020a8-3dd3"
Age: 133965
Cache-Control: max-age=604800
Expires: Thu, 24 Jan 2019 06:33:20 GMT
Content-Length: 5381
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 17 Jan 2019 06:28:56 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5381
Md5:    37f3a05751b7542beef42e4ea2088b7b
Sha1:   4457797734eb2bd7ab49e668c0046cf60e7d7534
Sha256: 47b30c7324adfcd919d51bd8dd7135c8763f9ac3c82a0dbe6e002aaa5b18f7e0
                                        
                                            GET /html/oJ1qKISDKu0QUDI1UDROUDA1q3ZONjM3NDImOKDNp3ZUp3NVPaRVNKSjO20OPaLUO3pWNz0SPtDROOkOKSH.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 1000 x 254, 8-bit/color RGBA, non-interlaced
Size:   296534
Md5:    27d301dea014f37b7f1aa6ab98c93ca5
Sha1:   718c9e2e7f6b76b6c431140e5cab00187f339605
Sha256: 85711f00130aa1b3a4a80e8135dc5584b9395ee1a9ec282cc3968d3fc6ea5384
                                        
                                            GET /js/chunk-vendors.24f406a2.js HTTP/1.1 
Host: 42ye.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://42ye.com/?channel=S0001

                                         
                                         148.253.244.213
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 18 Jan 2019 19:46:05 GMT
Server: PWS/8.3.2.1
X-Px: ht h0-s4008.p11-fra.cdngp.net
Etag: W/"5c402130-3bd49"
Age: 133964
Cache-Control: max-age=604800
Expires: Thu, 24 Jan 2019 06:33:21 GMT
Content-Length: 73543
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 17 Jan 2019 06:31:12 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   73543
Md5:    7f76377893678ae7a9cb03c46a001704
Sha1:   0256e32dfc67232369cb29bfa62d561e00cc27a7
Sha256: 7700a0d5221b3d2d9fa1eeb8e2b440c18bcf37fac954c8401802c53b6f08f798
                                        
                                            GET /js/app.dba06bd5.js HTTP/1.1 
Host: 42ye.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://42ye.com/?channel=S0001

                                         
                                         148.253.244.213
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 18 Jan 2019 19:46:05 GMT
Server: PWS/8.3.2.1
X-Px: ht h0-s4008.p11-fra.cdngp.net
Etag: W/"5c402109-a44e"
Age: 131502
Cache-Control: max-age=604800
Expires: Thu, 24 Jan 2019 07:14:23 GMT
Content-Length: 14977
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Thu, 17 Jan 2019 06:30:33 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   14977
Md5:    56309e0b2330e90077e29837cd6a3a1d
Sha1:   be0e774812870c71db3f68da8fed06181f5df61c
Sha256: abc26c4155c228e82a497aae361872b197da95bd2258b2df357216a80aa9945f
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrEygSKyqhJ1SrKOkJJ1D.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 9
Size:   53
Md5:    e16f04d194715b5e3e1a559d0a651dfc
Sha1:   a5c2f8d67b98b14ccc49abb7e2aac4bcfc30ee7b
Sha256: 0d94987faaa3320b4590c10ddf8daf56323ddb989af9a2dcbdddd7b85b30b0ed
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrHSAsKSqQHS1WoIgsHSHsJRWJ.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 302 Moved Temporarily
Content-Type: image/jpg
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: /


--- Additional Info ---
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrDI5LIyqQU1AQDS1TURWsID.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  PNG image, 235 x 32, 8-bit colormap, non-interlaced
Size:   1107
Md5:    c210f7b7793a574077b4781ebb132f85
Sha1:   93a930347ee3646c2b002cb63f27e98ac15bc565
Sha256: 62b1e73898f304eef503a9915e2a995b354ca0e08e897c9b4122b9c5bced9139
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrIS1rEyqQoIOJNjVONukoDyH.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/jpg
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   1252
Md5:    7d2de174143362a5080763d8505b351d
Sha1:   d503e69bd953f5e16d07ee0b83b6b29ab9da0a17
Sha256: 98c2c1b3e0057d196b79f06f9d4ae9c8a73fd490072abb10c548091d5c86f26b
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrK11QIkkJJ1D.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 34 x 13
Size:   85
Md5:    2ac8b6d0762dc8b7c36e22304d88ec7d
Sha1:   cf15d6afb9c06b343353ebabdf6ac91c47e44863
Sha256: bb157735394d3a9482a3fdf032658f7ea399c217933eccd8e2effd8480fdce1a
                                        
                                            GET /html/IyELKyqPUDfWONLrEI5WFk1LK1AJI0RrHI1sEyqsEz1GIDZONtVsIIgK.jpg HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1020 x 51
Size:   1234
Md5:    c121e40c0b9990ff6faa93129107d3b6
Sha1:   7bf5b545c831a2c054002599e261366043d4ba1f
Sha256: c27ee1737967be3fc34fda3ada0158c27a637ed5773bd7be3c5dafce8432fc6a
                                        
                                            GET /go1?id=19418503&rt=1547840764595&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1547840764595&tt=%25E6%25BE%25B3%25E9%2597%25A8%25E6%25B0%25B8%25E5%2588%25A9%25E8%25B5%258C%25E5%259C%25BA_%25E6%25BE%25B3%25E9%2597%25A8%25E6%25B0%25B8%25E5%2588%25A9%25E8%25B5%258C%25E5%259C%25BA%25E7%25BD%2591%25E5%259D%2580_%25E6%25B0%25B8%25E5%2588%25A9%25E9%259B%2586%25E5%259B%25A2%25E6%25B8%25B8%25E6%2588%258F%25E5%25AE%2598%25E7%25BD%2591%2520-%2520home&kw=&cu=http%253A%252F%252Fwww.ctsexpo.com%252F&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Fri, 18 Jan 2019 19:46:05 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=4417fe3eba54e509369; path=/ HWWAFSESTIME=1547840762544; path=/


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: www.ctsexpo.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/html/IyELKyqPUDfWONLrEI5WFk1FDHRrDHMVKypsHHSP.css
Cookie: PHPSESSID=7l0tq4q4noih7pgimuqrk09135; __tins__19418503=%7B%22sid%22%3A%201547840764595%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201547842564595%7D; __51cke__=; __51laig__=1

                                         
                                         154.95.222.140
HTTP/1.1 200 OK
Content-Type: text/html; charset=gbk
                                        
Server: nginx
Date: Fri, 18 Jan 2019 19:46:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.31
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6491
Md5:    c97bdd30566d7b0a505de6e6fa166530
Sha1:   02d930187a76b00450ef648c297a14f99fec1a14
Sha256: d5799da96a0822f6d08c3b214915f2988d072b3850e28f7a938fcbda59e7f4a4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /img/pcbg.00591865.jpg HTTP/1.1 
Host: 42ye.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://42ye.com/css/app.954c90b4.css

                                         
                                         148.253.244.213
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 18 Jan 2019 19:46:05 GMT
Server: PWS/8.3.2.1
X-Px: ht h0-s4008.p11-fra.cdngp.net
Etag: "5c402141-85760"
Age: 133954
Cache-Control: max-age=604800
Expires: Thu, 24 Jan 2019 06:33:31 GMT
Accept-Ranges: bytes
Content-Length: 546656
Last-Modified: Thu, 17 Jan 2019 06:31:29 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   546656
Md5:    00591865662da6679a653addb9e86fcc
Sha1:   61eefa3f29a39066536fbec20c75eea290f90d5e
Sha256: 9db0cf872e59ced10f522e4c6e985524a4ecc167d337eaeb6fe6fb8ba52244c6
                                        
                                            GET /z_stat.php?id=1275963527&web_id=1275963527 HTTP/1.1 
Host: s96.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://42ye.com/?channel=S0001

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /se/exttailcontentscript/?sbid=tailjs-7649727_24979&isTopFrame=false&url=http%3A%2F%2F111.198.173.252%3A8080%2Fsystem%2Flogin.jsp HTTP/1.1 
Host: bcc0e825-2420-4190-af25-abd45d41ea3a
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.ctsexpo.com/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request
Cookie: __cfduid=d703f15c6f1f760f021bf7ff089effc941547840763

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Jan 2019 19:46:24 GMT
Content-Length: 1570
Connection: keep-alive
Last-Modified: Fri, 18 Jan 2019 19:17:23 GMT
Expires: Tue, 22 Jan 2019 19:17:23 GMT
Etag: "e2dca1dba739b3ae74507726c774ff711a639448"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 49b3914777d042bb-OSL


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    8c9df4ada2d78342c3801d9455b7c6a6
Sha1:   e2dca1dba739b3ae74507726c774ff711a639448
Sha256: 414f08173fe14f330f99d944ed6b038e2dbf120ede4f61b7f67fad3a538a1ac7
                                        
                                            GET /z_stat.php?id=1275963527&web_id=1275963527 HTTP/1.1 
Host: s96.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://42ye.com/?channel=S0001

                                         
                                         58.218.215.188
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 11734
Connection: keep-alive
Date: Fri, 18 Jan 2019 18:53:25 GMT
Last-Modified: Fri, 18 Jan 2019 18:53:24 GMT
Cache-Control: max-age=5400,s-maxage=5400
Ali-Swift-Global-Savetime: 1547837605
Via: cache13.l2cn8[0,200-0,H], cache7.l2cn8[1,0], kunlun5.cn192[0,200-0,H], kunlun10.cn192[0,0]
Age: 3181
X-Cache: HIT TCP_MEM_HIT dirn:0:165886851
X-Swift-SaveTime: Fri, 18 Jan 2019 18:54:54 GMT
X-Swift-CacheTime: 5311
Timing-Allow-Origin: *
EagleId: 3adad01e15478407863613176e


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   11734
Md5:    21ac314168fafa2aa9e38d1dfff3f395
Sha1:   6e86b3d997342e48334ac2200293bd57fb73a182
Sha256: 3e2f76dfef1381b9fafd7943dea0c59de9b89f34644c28a2c518632d09aae092
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request
Cookie: __cfduid=d703f15c6f1f760f021bf7ff089effc941547840763

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Jan 2019 19:46:27 GMT
Content-Length: 1570
Connection: keep-alive
Last-Modified: Fri, 18 Jan 2019 19:17:23 GMT
Expires: Tue, 22 Jan 2019 19:17:23 GMT
Etag: "e2dca1dba739b3ae74507726c774ff711a639448"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 49b3915991e742bb-OSL


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    8c9df4ada2d78342c3801d9455b7c6a6
Sha1:   e2dca1dba739b3ae74507726c774ff711a639448
Sha256: 414f08173fe14f330f99d944ed6b038e2dbf120ede4f61b7f67fad3a538a1ac7
                                        
                                            GET /stat.htm?id=1275963527&r=http%3A%2F%2Fwww.ctsexpo.com%2F&lg=en-us&ntime=none&cnzz_eid=305818851-1547837604-null&showp=1176x885&t=%E6%BE%B3%E9%96%80%E5%A3%B9%E8%99%9F%E9%80%9A&umuuid=168628010c5cc-02ac9e055e97ed-6c242d76-fe178-168628010c63e&h=1&rnd=692889145 HTTP/1.1 
Host: z2.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://42ye.com/?channel=S0001

                                         
                                         203.119.206.95
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Fri, 18 Jan 2019 19:46:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /core.php?web_id=1275963527&t=z HTTP/1.1 
Host: c.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://42ye.com/?channel=S0001

                                         
                                         58.218.215.188
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 996
Connection: keep-alive
Date: Fri, 18 Jan 2019 19:42:23 GMT
Last-Modified: Fri, 18 Jan 2019 19:42:22 GMT
Expires: Fri, 18 Jan 2019 19:57:22 GMT
Ali-Swift-Global-Savetime: 1547840543
Via: cache20.l2cn8[0,200-0,H], cache5.l2cn8[0,0], kunlun6.cn192[0,200-0,H], kunlun3.cn192[0,0]
Age: 245
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Fri, 18 Jan 2019 19:43:12 GMT
X-Swift-CacheTime: 850
Timing-Allow-Origin: *
EagleId: 3adad01715478407881185399e


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   996
Md5:    074d8f3b1003f84db6dc8163179f933c
Sha1:   e548bff1b8ffab86fa4df90f09f9413621fdff90
Sha256: 5f7fc0160f93aed9cb932d12d76cd64e5c81da28f34bd85ac559a2f7f6d3833b
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request
Cookie: __cfduid=d703f15c6f1f760f021bf7ff089effc941547840763

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 18 Jan 2019 19:46:28 GMT
Content-Length: 1570
Connection: keep-alive
Last-Modified: Fri, 18 Jan 2019 16:19:46 GMT
Expires: Tue, 22 Jan 2019 16:19:46 GMT
Etag: "eb4d21b7d1dec4507431dc8a6eed6aff296abffa"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 49b39160b2bc42bb-OSL


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    f601b7d6544800fd3606ac67ccb300c7
Sha1:   eb4d21b7d1dec4507431dc8a6eed6aff296abffa
Sha256: 694a9c96f627247e8094cf201c47bb9f24790a3b1115ab3c84a6c522b9e6c9b7