Overview

URL cjfeeds.com/
IP185.53.178.26
ASNAS61969 Team Internet AG
Location Germany
Report completed2018-08-09 23:03:31 CEST
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-08-09 2 parkingcrew.net/assets/scripts/js3.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 5 reports on IP: 185.53.178.26

Date UQ / IDS / BL URL IP
2018-08-10 12:17:09 +0200
0 - 0 - 1 www.americanexress.de/ 185.53.178.26
2017-12-23 19:33:54 +0100
0 - 1 - 0 9down.cf/track.php?domain=9down.cf 185.53.178.26
2017-12-22 03:02:23 +0100
0 - 1 - 0 9down.cf/track.php?click=ca6b9e339e90197d1e11 (...) 185.53.178.26
2017-12-06 04:10:12 +0100
0 - 1 - 0 9down.cf/track.php?click=2818e2bc90c6fd57506d (...) 185.53.178.26
2017-12-06 01:42:28 +0100
0 - 1 - 0 9down.cf/track.php?click=2818e2bc90c6fd57506d (...) 185.53.178.26

Last 10 reports on ASN: AS61969 Team Internet AG

Date UQ / IDS / BL URL IP
2018-08-21 01:53:43 +0200
0 - 0 - 0 www.varycode.com/converter.html 185.53.178.8
2018-08-21 01:42:43 +0200
0 - 0 - 1 distrimarsanitarios.soydg.com/wp-content/them (...) 185.53.178.6
2018-08-21 00:52:51 +0200
0 - 0 - 1 clkh71yhks66.com/e0GNg6Vbt6JL8xzJin1R8LUVRU4V (...) 185.53.178.7
2018-08-21 00:49:21 +0200
0 - 0 - 1 clkh71yhks66.com/e0GNg/YNs6od9xzI2CsFo7hOEB8b (...) 185.53.178.7
2018-08-21 00:40:26 +0200
0 - 0 - 1 autometer.dk/coachuk.asp?mailto:furtacorprodu (...) 185.53.179.8
2018-08-21 00:20:24 +0200
0 - 0 - 1 www.123musiq.com/%5C%22http:/tags.crwdcntrl.n (...) 185.53.178.24
2018-08-20 23:54:42 +0200
0 - 0 - 1 rus-progress.ru/kovka/stroitelstvo-domov/isto (...) 185.53.178.6
2018-08-20 23:53:16 +0200
0 - 0 - 1 rus-progress.ru/kovka/stroitelstvo-domov/stro (...) 185.53.178.6
2018-08-20 23:52:28 +0200
0 - 0 - 1 rus-progress.ru/lestnicy/stroitelstvo-domov/p (...) 185.53.178.6
2018-08-20 23:51:54 +0200
0 - 0 - 1 rus-progress.ru/akcii/stroitelstvo-domov/stro (...) 185.53.178.6

Last 1 reports on domain: cjfeeds.com

Date UQ / IDS / BL URL IP
2018-08-09 23:31:19 +0200
0 - 0 - 1 bot.cjfeeds.com/ 185.53.178.6


JavaScript

Executed Scripts (31)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 995, repeated: 1) - SHA256: 25c9df8006c6910648d9468ccadb7e40b79f8813b90a5da84b5852182a760543

                                        < img height = "1"
width = "1"
border = "0"
alt = ""
src = "https://www.googleadservices.com/pagead/conversion/1038302480/?random=1533848582819&cv=9&fst=1533848582819&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&ref=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef"
style = "display:none" / >
                                    


HTTP Transactions (49)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: cjfeeds.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         185.53.178.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 09 Aug 2018 21:02:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Check: 3c12dc4d54f8e22d666785b733b0052100c53444
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2065
Md5:    b2300c4f7c0b94cc06a6a2f7e883a166
Sha1:   26674965f87ac8ec4677cb4cb7102fc6c72f260e
Sha256: 1153332b468e98c4d1133d97bc2aae634a41ac3e547de9e9a6cb214020890550
                                        
                                            GET /assets/scripts/js3.js HTTP/1.1 
Host: parkingcrew.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cjfeeds.com/

                                         
                                         185.53.179.29
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 09 Aug 2018 21:02:59 GMT
Content-Length: 17915
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2016 08:03:01 GMT
Etag: "57df9bb5-45fb"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text, with very long lines
Size:   17915
Md5:    db3cacfb57ba35d3fcfdbbcf7d46bd42
Sha1:   64034a7b579d0fb46cc71417ff038da23886d6c8
Sha256: a606134e35db97024d04789609660c94f87f660dc259d91db5180e32787d4dad

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /track.php?domain=cjfeeds.com&toggle=browserjs&uid=MTUzMzg0ODU3OS40NTc0OjZjYmFlZDc0YmYxMWQ2OTllMGY5MGJmNGEzMjMxM2YyM2QwMGVkNmQzNjUyNzZmY2UxODdlYWFiYzczNTkwYjQ6NWI2Y2FjMDM2ZmFjZg%3D%3D HTTP/1.1 
Host: cjfeeds.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cjfeeds.com/

                                         
                                         185.53.178.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 09 Aug 2018 21:03:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Custom-Track: browserjs
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
                                        
                                            POST /ls.php HTTP/1.1 
Host: cjfeeds.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://cjfeeds.com/
Content-Length: 1326
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         185.53.178.6
HTTP/1.1 201 Created
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Thu, 09 Aug 2018 21:03:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Log-Success: 5b6cac0488fbce2f508b4727 (Hit: 0)
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400


--- Additional Info ---
                                        
                                            GET /track.php?click=1f674acfc827153533d83fec8788fe1cc6d67099&domain=cjfeeds.com&uid=MTUzMzg0ODU3OS40NTc0OjZjYmFlZDc0YmYxMWQ2OTllMGY5MGJmNGEzMjMxM2YyM2QwMGVkNmQzNjUyNzZmY2UxODdlYWFiYzczNTkwYjQ6NWI2Y2FjMDM2ZmFjZg%3D%3D&ts=fHx8ZDQxZDh8fHxidWNrZXQwNDl8fHx8NWI2Y2FjMDM2ZjJiYXx8fDE1MzM4NDg1NzkuODEzMXw1MTIyZDk1ZjkyZGU2NjA0MTUzMTUzYzE5NGZkYTlmMjdkY2MyNGZmfHx8fHwxfHx8MHx8fHwwfHx8fHwwfDB8fHx8fHx8fHx8MHwxfHwwfDB8MXww&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1 
Host: cjfeeds.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cjfeeds.com/

                                         
                                         185.53.178.6
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 09 Aug 2018 21:03:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Click-Track: '1f674acfc827153533d83fec8788fe1cc6d67099'
Access-Control-Allow-Origin: *
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: cjfeeds.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         185.53.178.6
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Thu, 09 Aug 2018 21:03:00 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Mon, 19 Sep 2016 08:03:01 GMT
Etag: "57df9bb5-0"
Accept-Ranges: bytes


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         52.222.163.69
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168938
Date: Thu, 09 Aug 2018 21:03:00 GMT
Etag: "5b6c881c-1d7"
Expires: Sat, 11 Aug 2018 19:46:56 GMT
Last-Modified: Thu, 09 Aug 2018 18:29:48 GMT
Server: ECS (dca/2470)
X-Cache: Miss from cloudfront
Via: 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
X-Amz-Cf-Id: SkrEmG4WY_uSFG4t7XU81LoTDt0-DBCq7vE7oyLiwohL5LFWnUfzBA==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    5b00156967b113e3b3e65f3b6c03c555
Sha1:   fa020380419b2c10bd8412a9d23deccdbe7bbb50
Sha256: b5b6d7b0a95b9aad12987c9b7cf2e19aef906585f06774f0310c14dca8e46f9f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.rootca1.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
                                         52.222.163.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 1426
Connection: keep-alive
Date: Thu, 09 Aug 2018 21:03:01 GMT
Server: WEBrick/1.3.1 (Ruby/2.3.7/2018-03-28)
X-Cache: Miss from cloudfront
Via: 1.1 14484a063800eaed878a3068abf4dfac.cloudfront.net (CloudFront)
X-Amz-Cf-Id: NL1PiIxjuLc7CoBxuMnb1bnlIAJ5UP1bwvraPaqY2C1e9S_0V1V2dw==


--- Additional Info ---
Magic:  data
Size:   1426
Md5:    793a240d32288f45798f71da1b4098e3
Sha1:   6c7ee22777fdf4a27e7dcf097066f655b33486f7
Sha256: 4cc31ead4eb97c6ebe34b2821d6c76ff8b0db7ab4b8935ab73fbec1578dcb5f2
                                        
                                            GET /tr?id=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjA4MDkyMTAyIiwiZCI6ImNqZmVlZHMuY29tIn0._S8cVEBFS7Dc72Rz8VL_5P7vDsaK_WfIdxN_Tz9jIHw HTTP/1.1 
Host: katie.runtnc.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cjfeeds.com/

                                         
                                         52.72.197.104
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Thu, 09 Aug 2018 21:03:01 GMT
Content-Length: 2130
Connection: keep-alive
P3P: CP="CUR NOI NID STA STP"
X-Robots-Tag: noindex, nofollow
Set-Cookie: checkme=5eccc3e63ccbfa0934cd305b57ca1463b789; Path=/


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   2130
Md5:    e2f593362eb91db908ad8f2ea9df6533
Sha1:   2c9f387806d349a8c23517cb926293b116863a9a
Sha256: 18394a610818a12c0917944773a6d687be55381ec128322aa5a7a7f8b183bb1a
                                        
                                            GET /trx?id=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r&confirm=5eccc3e63ccbfa0934cd305b57ca1463&size=886704&noframe=1&tnc_ref=http%3A%2F%2Fcjfeeds.com%2F&reftaken=feed&refEqual=true HTTP/1.1 
Host: katie.runtnc.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://katie.runtnc.net/tr?id=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r&tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MDVjNmI4MTcxMzIwNDAyNTc1YjFkNmUiLCJ0cyI6IjA4MDkyMTAyIiwiZCI6ImNqZmVlZHMuY29tIn0._S8cVEBFS7Dc72Rz8VL_5P7vDsaK_WfIdxN_Tz9jIHw
Cookie: checkme=5eccc3e63ccbfa0934cd305b57ca1463b789

                                         
                                         52.72.197.104
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Thu, 09 Aug 2018 21:03:01 GMT
Content-Length: 233
Connection: keep-alive
P3P: CP="CUR NOI NID STA STP"
X-Robots-Tag: noindex, nofollow
Referrer-Policy: no-referrer


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   233
Md5:    9a92cb64e4779d24f4bbfe5c388d6f28
Sha1:   5c3fbf6d02a8730a0907c988e6a5e60a05f695a3
Sha256: 40e29d5418c870a2ce7a877fec1e91f4aa2338c4fd502ee833ce4ea732d187fa
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: katie.runtnc.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: checkme=5eccc3e63ccbfa0934cd305b57ca1463b789

                                         
                                         52.72.197.104
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Thu, 09 Aug 2018 21:03:01 GMT
Content-Length: 150
Connection: keep-alive
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   150
Md5:    84241342d84ac29592a5d9516f8edf7f
Sha1:   03c53980e18e17625f439c20e7d438f066202428
Sha256: 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c
                                        
                                            GET /includes/router_land.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&keyword=50b6435124326ba457001fc3&lpx=tef&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514 HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Date: Thu, 09 Aug 2018 20:53:22 GMT
Location: http://www.reimageplus.com/lp/teg/index.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Connection: Keep-Alive
Set-Cookie: X-Mapping-fjhppofk=1DFA07D4C48259B708844DF3EEDF5AB6; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D50b6435124326ba457001fc3%26lpx%3Dtef%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514; expires=Mon, 08-Oct-2018 20:53:22 GMT; path=/ _testcookie=test; expires=Thu, 09-Aug-2018 20:59:22 GMT; path=/ rmo=true; expires=Sun, 23-Sep-2018 20:53:22 GMT; path=/; domain=reimageplus.com marketnetwork_subid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=reimageplus.com
Content-Length: 22


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    a0501a98ab1b294fd669c2ecd1b8c027
Sha1:   ecd8ceda437c617578af895ce922b9497f20938b
Sha256: cada81a8faf83daa504d843d0795ec58a6f77bd94a28345385cdb54cef383832
                                        
                                            GET /lp/teg/index.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=1DFA07D4C48259B708844DF3EEDF5AB6; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D50b6435124326ba457001fc3%26lpx%3Dtef%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514; _testcookie=test; rmo=true

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Date: Thu, 09 Aug 2018 20:53:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: Keep-Alive
Set-Cookie: PHPSESSID=ubqsksqhr1gh6vgb83mrkc5nr7; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _testcookie=test; expires=Thu, 09-Aug-2018 20:59:22 GMT; path=/
Content-Length: 4009


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4009
Md5:    320b2639eeed690286eb8fd776acee0e
Sha1:   ef25481119d807077a0a17c444d667a039349b10
Sha256: bb32a4ec7232917fdfbc18e1855659d29126c6fac498fd6b014cff82e392ef29
                                        
                                            GET /ajax/libs/jquery/1.5.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         172.217.22.170
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 29839
Date: Fri, 13 Jul 2018 08:53:39 GMT
Expires: Sat, 13 Jul 2019 08:53:39 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 2376563


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29839
Md5:    9a9b2acb8c0cf46985e07996f688b43d
Sha1:   341c927be8f8344f30afb46d49ce6b5e3da62c7d
Sha256: 0b1e12a7712d7b092fd5e1b2724d6e248670ff82620ec75e24105b6b127e3ca8
                                        
                                            GET /lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef
Cookie: X-Mapping-fjhppofk=1DFA07D4C48259B708844DF3EEDF5AB6; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D50b6435124326ba457001fc3%26lpx%3Dtef%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514; _testcookie=test; rmo=true; PHPSESSID=ubqsksqhr1gh6vgb83mrkc5nr7

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Date: Thu, 09 Aug 2018 20:53:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: Keep-Alive
Set-Cookie: _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef; expires=Mon, 08-Oct-2018 20:53:22 GMT; path=/ _testcookie=test; expires=Thu, 09-Aug-2018 20:59:22 GMT; path=/
Content-Length: 10240


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10240
Md5:    d1dafb15187428b8c86d7dd6e3ea17ca
Sha1:   f99cb8a77583a7c88e5169d243c6a9f4ab438adb
Sha256: b67418379c30c5b37edf9ebf10bd4ad9071f9841e05dee0d8439f9c27281cbd6
                                        
                                            GET /pagead/conversion.js HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         216.58.209.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 09 Aug 2018 21:03:02 GMT
Expires: Thu, 09 Aug 2018 21:03:02 GMT
Cache-Control: private, max-age=3600
Etag: 16812389122905504706
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 7124
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   7124
Md5:    da4dafa862c398443f74d65ddb42bbcb
Sha1:   7edb98784e9f749c06068312fa22e2d3abd3a9fb
Sha256: 2d8395220b069f48514663336b676a7195138bc16d25650be2181e6f490709e9
                                        
                                            GET /website/newwebsite/lp/tef/Win7.gif HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef
Cookie: rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 09 Aug 2018 21:03:02 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1468501926"
Cache-Control: max-age=86400
Content-Length: 3059
Last-Modified: Thu, 14 Jul 2016 13:12:06 GMT
X-HW: 1533848582.dop012.sk1.t,1533848582.cds013.sk1.c


--- Additional Info ---
Magic:  GIF image data, version 89a, 60 x 62
Size:   3059
Md5:    72edefcd39d81e6d207b19834e6941ef
Sha1:   03e824da65cf1fbb8849c06df5fee4f753d3d8ce
Sha256: 41e53e6880391a2ffdcecfc04969e62ade0e3383c54aed8c281a3c5c122a5f3c
                                        
                                            GET /lp/teg/css/style.css HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef
Cookie: X-Mapping-fjhppofk=1DFA07D4C48259B708844DF3EEDF5AB6; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D50b6435124326ba457001fc3%26lpx%3Dtef%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514; _testcookie=test; rmo=true; PHPSESSID=ubqsksqhr1gh6vgb83mrkc5nr7; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 09 Aug 2018 20:53:22 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Mon, 30 Apr 2018 09:28:27 GMT
Content-Length: 2236


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2236
Md5:    402e8750b1727e1189633549832e0ea2
Sha1:   63d1c8cd2166c77c67418b5d5a71575e42471a3f
Sha256: 01ed7642b7830a4cf0761b7de9444407c2298e386d333c3097d5f75519751ca4
                                        
                                            GET /meter/www.reimageplus.com/23.gif HTTP/1.1 
Host: images.scanalert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         52.222.168.129
HTTP/1.1 200 OK
Content-Type: image/png; charset=UTF-8
                                        
Content-Length: 3005
Connection: keep-alive
Date: Thu, 09 Aug 2018 20:27:14 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: public
Expires: Thu, 09 Aug 2018 21:27:14 GMT
Content-Encoding: gzip
Age: 2148
X-Cache: Hit from cloudfront
Via: 1.1 d12467f4c051603df707c4dfa0fee85d.cloudfront.net (CloudFront)
X-Amz-Cf-Id: EsWqGlNVqWQxu8OOv-meTcmeAdhZXQimRZBO4MPtPBoK2CvBo1uuCA==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   3005
Md5:    102539419ea49058a5fd78365f742469
Sha1:   e4e891e5dc0d2c41eabf5dd8b497c191c287560a
Sha256: 7d59d63d95e75cf20757455fb4c3cc5333a2aacbf0424fc92a7a01ad3b694370
                                        
                                            GET /website/newwebsite/lp/tef/plus.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/css/style.css
Cookie: rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 09 Aug 2018 21:03:02 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1468501922"
Cache-Control: max-age=86400
Content-Length: 624
Last-Modified: Thu, 14 Jul 2016 13:12:02 GMT
X-HW: 1533848582.dop012.sk1.t,1533848582.cds058.sk1.c


--- Additional Info ---
Magic:  PNG image, 25 x 25, 8-bit/color RGB, non-interlaced
Size:   624
Md5:    47c1d3ee311e193de0cdd6e5b1a2eb4d
Sha1:   7f9d1d0cc1ffb72d64a75a088e8e9a1f105065c0
Sha256: 8c075719560b586b0c32318f5e963c3fea585c32a88cb874495c931e28f77ef9
                                        
                                            GET /website/newwebsite/lp/tef/download.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/css/style.css
Cookie: rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 09 Aug 2018 21:03:02 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1468501926"
Cache-Control: max-age=86400
Content-Length: 368
Last-Modified: Thu, 14 Jul 2016 13:12:06 GMT
X-HW: 1533848582.dop014.sk1.t,1533848582.cds058.sk1.c


--- Additional Info ---
Magic:  PNG image, 21 x 20, 8-bit/color RGB, non-interlaced
Size:   368
Md5:    3158e13e8184dbb60eada6725e897a95
Sha1:   9ee305bdd713bde36a49f580962cc83658b71f55
Sha256: da30e4140b53e29b452d18fdbe53efa3068e586f9d00f68da0ed2a68cbfab310
                                        
                                            GET /assets/styles/jquery.fancybox/jquery.fancybox-2.css HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef
Cookie: X-Mapping-fjhppofk=1DFA07D4C48259B708844DF3EEDF5AB6; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D50b6435124326ba457001fc3%26lpx%3Dtef%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514; _testcookie=test; rmo=true; PHPSESSID=ubqsksqhr1gh6vgb83mrkc5nr7; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 09 Aug 2018 20:53:22 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Connection: Keep-Alive
Content-Length: 1606


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1606
Md5:    39c87544233ef0fafef3816c7dc083d1
Sha1:   b5a214c16e29bb922d7dd247c8cd4ab32a48ec15
Sha256: e39857dbe26db2b9569d4ee2d3246135a51f76684c0caa76a4b7ba1d63f0b8ea
                                        
                                            GET /tracker/track.php?&tracking=Ton&campaign=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&lpx=tef HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef
Cookie: X-Mapping-fjhppofk=1DFA07D4C48259B708844DF3EEDF5AB6; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D50b6435124326ba457001fc3%26lpx%3Dtef%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514; _testcookie=test; rmo=true; PHPSESSID=ubqsksqhr1gh6vgb83mrkc5nr7; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
P3P: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml"
Date: Thu, 09 Aug 2018 20:53:22 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: Keep-Alive
Set-Cookie: _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _source=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _trackid=5390445225; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _trackid_5390445225=5390445225; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _tracking=Ton; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _tracking_Ton=Ton; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _campaign=RON-NO-DESKTOP-Zero_tef; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _campaign_RON-NO-DESKTOP-Zero_tef=RON-NO-DESKTOP-Zero_tef; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _adgroup=direct; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _adgroup_direct=direct; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _keyword=50b6435124326ba457001fc3; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _keyword_50b6435124326ba457001fc3=50b6435124326ba457001fc3; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _ads=direct; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _ads_direct=direct; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _browser=Firefox; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _browser_Firefox=Firefox; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _country=Norway; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com _country_Norway=Norway; expires=Mon, 08-Oct-2018 20:53:23 GMT; path=/; domain=reimageplus.com
Content-Length: 20


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
                                        
                                            GET /dc.js HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         64.233.164.157
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Thu, 09 Aug 2018 20:15:17 GMT
Expires: Thu, 09 Aug 2018 22:15:17 GMT
Last-Modified: Fri, 18 May 2018 01:10:24 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17093
Cache-Control: public, max-age=7200
Age: 2865


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17093
Md5:    5f65521f6c6223e1e18cb161832bea2a
Sha1:   f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
Sha256: 787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
                                        
                                            GET /assets/scripts/jquery.fancybox/jquery.fancybox-2.js HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef
Cookie: X-Mapping-fjhppofk=1DFA07D4C48259B708844DF3EEDF5AB6; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26keyword%3D50b6435124326ba457001fc3%26lpx%3Dtef%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514; _testcookie=test; rmo=true; PHPSESSID=ubqsksqhr1gh6vgb83mrkc5nr7; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Apache/2.2.15 (CentOS)
Date: Thu, 09 Aug 2018 20:53:23 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Sun, 07 Jun 2015 06:06:18 GMT
Content-Length: 48716


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   48716
Md5:    932c065e6c0658681ca19a34d45981f4
Sha1:   7e10f6aba5d7bc1b21e0c62ba107ac5593c039d8
Sha256: 1a2da275a2f66503da340a4b38a064c5329d8b3f03eb057dee553786482c4874
                                        
                                            GET /website/newwebsite/lp/tef/minus.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/css/style.css
Cookie: rmo=true; _trackid=5390445225; _trackid_5390445225=5390445225; _tracking=Ton; _tracking_Ton=Ton; _campaign=RON-NO-DESKTOP-Zero_tef; _campaign_RON-NO-DESKTOP-Zero_tef=RON-NO-DESKTOP-Zero_tef; _adgroup=direct; _adgroup_direct=direct; _keyword=50b6435124326ba457001fc3; _keyword_50b6435124326ba457001fc3=50b6435124326ba457001fc3; _ads=direct; _ads_direct=direct; _browser=Firefox; _browser_Firefox=Firefox; _country=Norway; _country_Norway=Norway; __utma=141870001.1904794256.1533848584.1533848584.1533848584.1; __utmb=141870001.1.10.1533848584; __utmc=141870001; __utmz=141870001.1533848584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 09 Aug 2018 21:03:03 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1468501925"
Cache-Control: max-age=86400
Content-Length: 580
Last-Modified: Thu, 14 Jul 2016 13:12:05 GMT
X-HW: 1533848583.dop012.sk1.t,1533848583.cds008.sk1.c


--- Additional Info ---
Magic:  PNG image, 25 x 25, 8-bit/color RGB, non-interlaced
Size:   580
Md5:    27e624f58dfbc7e0b9d4d475181fc2dd
Sha1:   844b10905ee3fe43aa080ed9c48e379e82cca94b
Sha256: c5edda2dd802c5d9d437729d83c888306918e94262111bd24e3dc78560b7c6bd
                                        
                                            GET /r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=842457544&utmhn=www.reimageplus.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmhid=2082716509&utmr=0&utmp=%2Flp%2Fteg%2Findex_src.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&utmht=1533848583534&utmac=UA-24411584-1&utmcc=__utma%3D141870001.1904794256.1533848584.1533848584.1533848584.1%3B%2B__utmz%3D141870001.1533848584.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1619295551&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         64.233.164.157
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Thu, 09 Aug 2018 21:03:03 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /js/1.js HTTP/1.1 
Host: cdn.ywxi.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         52.222.168.26
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Content-Length: 2696
Connection: keep-alive
Date: Thu, 09 Aug 2018 20:24:25 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expires: Thu, 09 Aug 2018 21:24:25 GMT
Content-Encoding: gzip
Age: 2318
X-Cache: Hit from cloudfront
Via: 1.1 3ef066dcf359ad5dbc339df978147194.cloudfront.net (CloudFront)
X-Amz-Cf-Id: MUl0UoWPy_8jERL5EuhDukMs1i1uvrKDs4lGtIQS0wI-2akWdyRzHA==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   2696
Md5:    3eafe519059af71bc86a9b676bfdc0f3
Sha1:   ba59cd49eff1ca3819039d572c7c1ea4e9985411
Sha256: 4123e09602011805daf9147754bc0397e5392d3e0de698c1557aef51b37d2e62
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 09 Aug 2018 21:03:03 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    a9cd1d09f98a341056bf85a15af46474
Sha1:   22e72cb5ff0c56de225bce17e77a894e8efa0303
Sha256: 323eb2b9c65e997fe33361a59fc75d24b00d4cf5b2bc0ce015c18f07b1eba4cf
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 09 Aug 2018 21:03:03 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: katie.runtnc.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: checkme=5eccc3e63ccbfa0934cd305b57ca1463b789

                                         
                                         52.72.197.104
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Thu, 09 Aug 2018 21:03:03 GMT
Content-Length: 150
Connection: keep-alive
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   150
Md5:    84241342d84ac29592a5d9516f8edf7f
Sha1:   03c53980e18e17625f439c20e7d438f066202428
Sha256: 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c
                                        
                                            GET /pagead/conversion/1038302480/?random=1533848582819&cv=9&fst=1533848582819&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&ref=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fteg%2Findex.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         216.58.209.130
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Thu, 09 Aug 2018 21:03:03 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038302480/?random=106057283&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&ref=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=B6xsW9faLoebywXxoYn4Cw&crd=CKrPGw&gtd=
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 09 Aug 2018 21:03:03 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    2d8e69d6c5fb81839a0c722e57ce9bf4
Sha1:   86e895af29048a9b65ff412d0a6fc55e31aaa745
Sha256: a7a9b11328a33334e37068ba1bd818bbb2e0057793eb2ca6d84a5760676e48ae
                                        
                                            GET /pagead/viewthroughconversion/1038302480/?random=106057283&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&ref=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=B6xsW9faLoebywXxoYn4Cw&crd=CKrPGw&gtd= HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         216.58.207.194
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Thu, 09 Aug 2018 21:03:03 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: https://www.google.com/ads/user-lists/1038302480/?random=106057283&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&ref=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGw&cdct=2&is_vtc=1&random=3131787785&resp=GooglemKTybQhCsO
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Thu, 09-Aug-2018 21:18:03 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 09 Aug 2018 21:03:03 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    8e1bb8812cb9812df434cd4938ee00e0
Sha1:   e1d6247c0be3fb4cc4e2dcae0ddbbb5612d0d7dc
Sha256: 60cbaf2e6ab8140cd44c3e45ba0fef917da58004fe377bab479dd32708db3577
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 09 Aug 2018 21:03:04 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   525
Md5:    475b0abcb2dd2a7ed9ca09903ac54e75
Sha1:   1a8d8efb7116877f76c5d28de88ace08b1648a3b
Sha256: 1076f9768f323a0fdae1123e1fb7bbec3bfc7a142c2c062260481cf518f5e807
                                        
                                            GET /ads/user-lists/1038302480/?random=106057283&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&ref=http://www.reimageplus.com/lp/teg/index.php%3Ftracking%3DTon%26banner%3DRON-NO-DESKTOP-Zero_tef%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3D50b6435124326ba457001fc3%26context%3D011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514%26nms%3D1%26lpx%3Dtef&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGw&cdct=2&is_vtc=1&random=3131787785&resp=GooglemKTybQhCsO&ipr=y&ulfeg=n HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         216.58.207.227
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 09 Aug 2018 21:03:04 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
Server: adclick_server
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /mfesecure-public/host/reimageplus.com/client.js HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         52.218.241.208
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: HVUdnJZ3W1rQwDG6gN+OLliLMs8cQV/H/nuUbqDipSMdolxuGzItNOKp3MBYvWRX6/Y5fUytFqs=
x-amz-request-id: E3E6927C9E9F18AF
Date: Thu, 09 Aug 2018 21:03:05 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 08 Aug 2018 10:19:52 GMT
Etag: "b59090b7bbb33a367b6eb82bfd4c2069"
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: fVmmA5nwoVafDhZ8PQf07_qcbD7Hm5We
Accept-Ranges: bytes
Content-Length: 160
Server: AmazonS3


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   160
Md5:    b59090b7bbb33a367b6eb82bfd4c2069
Sha1:   0c53207950f764fbf55faa604139faf5c8158c18
Sha256: 434367e7c517a675611a8756bae9e5d007efd2336c1ce6af3fc1b80bc6673fa1
                                        
                                            GET /static/img/tm-float.png HTTP/1.1 
Host: cdn.ywxi.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         52.222.168.26
HTTP/1.1 200 OK
Content-Type: image/png; charset=UTF-8
                                        
Content-Length: 9330
Connection: keep-alive
Date: Thu, 26 Apr 2018 23:59:53 GMT
Expires: Fri, 27 Apr 2018 23:59:53 GMT
Cache-Control: public, max-age=86400
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Etag: "HioVbLUyInv"
Last-Modified: Thu, 26 Apr 2018 22:02:54 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Age: 75647
X-Cache: Hit from cloudfront
Via: 1.1 3ef066dcf359ad5dbc339df978147194.cloudfront.net (CloudFront)
X-Amz-Cf-Id: nYedd9GRT88DnJRiBQBwofIW0iRnNccu50J80HGOpSrVS0TQDh8DZg==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   9330
Md5:    c4c9391d05918c1a7045dff82c1391b2
Sha1:   be2ec6556d902ae0d78fa62cf2cb2751f357e8c0
Sha256: ec706c9c38eb71c40deb0d3deb2abe51058dc256910bfde4ef76d2a2bae24f61
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         52.222.163.69
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166244
Date: Thu, 09 Aug 2018 21:03:04 GMT
Etag: "5b6c67be-1d7"
Expires: Sat, 11 Aug 2018 18:56:17 GMT
Last-Modified: Thu, 09 Aug 2018 16:11:42 GMT
Server: ECS (dca/2486)
X-Cache: Miss from cloudfront
Via: 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront)
X-Amz-Cf-Id: MDcpVLafJQQjeHx2n5dJitWvYWAn0X1ARx6rPEMTLmu46j0LLan_lQ==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    819b70c3f69ec4635e1d8060fa3e5d13
Sha1:   be99c390bfc02ce2a38355e2ec51857fd047189b
Sha256: 2c66f3062789d957aa53b3af711a770e3ac1cb5f98554d150b34ace216c7af2b
                                        
                                            GET /js/1.js HTTP/1.1 
Host: cdn.trustedsite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         52.222.168.158
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Content-Length: 1866
Connection: keep-alive
Date: Thu, 09 Aug 2018 20:20:14 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expires: Thu, 09 Aug 2018 21:20:14 GMT
Content-Encoding: gzip
Age: 2570
X-Cache: Hit from cloudfront
Via: 1.1 1280e48937eca7de58e32cd35415f48a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: tWqu_y2JEZNShCycf1IXknh70Tz98nqRk7TeuYIE4V5GyTyhjSX71A==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   1866
Md5:    6a035d94e5cca842cab515c18c64d469
Sha1:   c979634980ab8dc86bc4e38e88e0887f986915fd
Sha256: b9ba17cc33276d17fc51c7e18f64043e3ee35b38d42fb841d92833049b312ef3
                                        
                                            GET /trustedsite-public/host/reimageplus.com/client.js HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         52.218.241.208
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: V8HBVsYBZTQ7SOHRRkqiisjcTrxftCHdK1pdY/h9s5ArNyRzaxl8NWto7W6/kA7uZTEhM+2zpIM=
x-amz-request-id: BE0F08DEA9C81D76
Date: Thu, 09 Aug 2018 21:03:05 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 04 Jul 2018 23:05:38 GMT
Etag: "99a45cba3096b08317048a968af70cbd"
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: Otnbc0GHkBiRt7w2FfDBHNevvLnNWi3E
Accept-Ranges: bytes
Content-Length: 148
Server: AmazonS3


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   148
Md5:    99a45cba3096b08317048a968af70cbd
Sha1:   cdb50d86e5f776a679bd516f54f9b87eaee8938d
Sha256: bb45e632cbf9940c1180c70ff511fcd962b7fd2bc9c107f36a1c05850ca40582
                                        
                                            POST / HTTP/1.1 
Host: gp.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1415
Content-Transfer-Encoding: binary
Cache-Control: max-age=518312, public, no-transform, must-revalidate
Last-Modified: Wed, 8 Aug 2018 21:01:36 GMT
Expires: Wed, 15 Aug 2018 21:01:36 GMT
Date: Thu, 09 Aug 2018 21:03:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1415
Md5:    19a6933e85af0a8ef19dab32d04c3495
Sha1:   02173eb60e39e7405df272cd5d1fa88b70818c34
Sha256: faac8e51b0b98d8cc01820053dd03797213bb7746ea7e268546d9212e0263254
                                        
                                            GET /rpc/ajax?do=tmjs-visit&host=reimageplus.com&rand=1533848584124 HTTP/1.1 
Host: www.mcafeesecure.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         54.187.107.242
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Date: Thu, 09 Aug 2018 21:03:04 GMT
Content-Length: 40
Connection: keep-alive
Set-Cookie: AWSALB=TdwxiNaY7zCrYwlwF83dKfF/qA5tVD895iwO7ajAL+28T8AoB9roskQNtgZXV/bAWIjcPvrBK5fcGD7/ZnodHhX97640guvSBjWG+MZzvjlQCTL7XB3fBAcJNCe5; Expires=Thu, 16 Aug 2018 21:03:04 GMT; Path=/
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   40
Md5:    1554138d3730321383c839b88d5999cd
Sha1:   297fbd9452ed4b38fe04b12559a3fdd55b65aa90
Sha256: 6a67cc538719263f6c56c9b712e68cad85f5bad6f4cd2ce66264e0c578668553
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=1DFA07D4C48259B708844DF3EEDF5AB6; _testcookie=test; rmo=true; PHPSESSID=ubqsksqhr1gh6vgb83mrkc5nr7; _trackid=5390445225; _trackid_5390445225=5390445225; _tracking=Ton; _tracking_Ton=Ton; _campaign=RON-NO-DESKTOP-Zero_tef; _campaign_RON-NO-DESKTOP-Zero_tef=RON-NO-DESKTOP-Zero_tef; _adgroup=direct; _adgroup_direct=direct; _keyword=50b6435124326ba457001fc3; _keyword_50b6435124326ba457001fc3=50b6435124326ba457001fc3; _ads=direct; _ads_direct=direct; _browser=Firefox; _browser_Firefox=Firefox; _country=Norway; _country_Norway=Norway; __utma=141870001.1904794256.1533848584.1533848584.1533848584.1; __utmb=141870001.1.10.1533848584; __utmc=141870001; __utmz=141870001.1533848584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 09 Aug 2018 20:53:25 GMT
Location: http://www.reimageplus.com/images/reimage.ico
Connection: Keep-Alive
Content-Length: 253


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   253
Md5:    89fbda29cd4758e3ab1f35468df805c2
Sha1:   337a11ad7f3201d716eafe475be4744c14579cb1
Sha256: aa3c8a7d131750c62a273230a83039796256fc9b9f7cb160de4b7e97a39af71d
                                        
                                            GET /images/reimage.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=1DFA07D4C48259B708844DF3EEDF5AB6; _testcookie=test; rmo=true; PHPSESSID=ubqsksqhr1gh6vgb83mrkc5nr7; _trackid=5390445225; _trackid_5390445225=5390445225; _tracking=Ton; _tracking_Ton=Ton; _campaign=RON-NO-DESKTOP-Zero_tef; _campaign_RON-NO-DESKTOP-Zero_tef=RON-NO-DESKTOP-Zero_tef; _adgroup=direct; _adgroup_direct=direct; _keyword=50b6435124326ba457001fc3; _keyword_50b6435124326ba457001fc3=50b6435124326ba457001fc3; _ads=direct; _ads_direct=direct; _browser=Firefox; _browser_Firefox=Firefox; _country=Norway; _country_Norway=Norway; __utma=141870001.1904794256.1533848584.1533848584.1533848584.1; __utmb=141870001.1.10.1533848584; __utmc=141870001; __utmz=141870001.1533848584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: Apache/2.2.15 (CentOS)
Date: Thu, 09 Aug 2018 20:53:25 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Mon, 30 Apr 2012 13:14:46 GMT
Content-Length: 894


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   894
Md5:    d0c2bd29933d303826e58db070e10832
Sha1:   1a6f18c55c3cd9ea9ff9485afc30c213a6aeefef
Sha256: 3af4842e79f2e783c9a73e19493a10164df5cf27e7e2fb67fb51b2f99d3b4d84
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=1DFA07D4C48259B708844DF3EEDF5AB6; _testcookie=test; rmo=true; PHPSESSID=ubqsksqhr1gh6vgb83mrkc5nr7; _trackid=5390445225; _trackid_5390445225=5390445225; _tracking=Ton; _tracking_Ton=Ton; _campaign=RON-NO-DESKTOP-Zero_tef; _campaign_RON-NO-DESKTOP-Zero_tef=RON-NO-DESKTOP-Zero_tef; _adgroup=direct; _adgroup_direct=direct; _keyword=50b6435124326ba457001fc3; _keyword_50b6435124326ba457001fc3=50b6435124326ba457001fc3; _ads=direct; _ads_direct=direct; _browser=Firefox; _browser_Firefox=Firefox; _country=Norway; _country_Norway=Norway; __utma=141870001.1904794256.1533848584.1533848584.1533848584.1; __utmb=141870001.1.10.1533848584; __utmc=141870001; __utmz=141870001.1533848584.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 09 Aug 2018 20:53:28 GMT
Location: http://www.reimageplus.com/images/reimage.ico
Connection: Keep-Alive
Content-Length: 253


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   253
Md5:    89fbda29cd4758e3ab1f35468df805c2
Sha1:   337a11ad7f3201d716eafe475be4744c14579cb1
Sha256: aa3c8a7d131750c62a273230a83039796256fc9b9f7cb160de4b7e97a39af71d
                                        
                                            GET /getseal?host_name=www.reimageplus.com&size=XS&use_flash=NO&use_transparent=YES&lang=en HTTP/1.1 
Host: seal.websecurity.norton.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /getseal?host_name=www.reimageplus.com&size=XS&use_flash=NO&use_transparent=YES&lang=en HTTP/1.1 
Host: seal.websecurity.norton.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/teg/index_src.php?tracking=Ton&banner=RON-NO-DESKTOP-Zero_tef&adgroup=direct&ads_name=direct&keyword=50b6435124326ba457001fc3&context=011f6b903d346a961028c03dfcb83a2f29606b3cc0.r.1533848579.941c7b335e25f678babcbcf5d44d8514&nms=1&lpx=tef

                                         
                                         0.0.0.0
                                        


--- Additional Info ---