Overview

URL: dspuezcnkudd.passas.us/owncheck/
IP: 108.61.203.22
ASN: AS20473 Choopa, LLC
Location: United States
Report completed: 2018-07-20 02:30:06 CEST
urlquery Alerts: No alerts detected


Settings

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata w/ Emerging Threats Pro
Timestamp                 Severity  Source IP  Destination IP  Alert
2018-07-20 02:29:35 CEST  2         Client IP  108.61.203.22   ET INFO DYNAMIC_DNS HTTP Request to *.passas.us Domain (Sitelutions)
2018-07-20 02:29:34 CEST  2         Client IP  Internal IP     ET INFO DYNAMIC_DNS Query to *passas.us Domain (Sitelutions)
2018-07-20 02:29:35 CEST  1         Client IP  108.61.203.22   ET TROJAN Mac Flashback Checkin 1


Blacklists

MDL: No alerts detected
OpenPhish: No alerts detected
PhishTank: No alerts detected
Fortinet's Web Filter:
  Added / Verified  Severity  Host                              Comment
  2018-07-20        2         dspuezcnkudd.passas.us/owncheck/  Malware
DNS-BH: No alerts detected
mnemonic secure dns: No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 108.61.203.22

Date                       UQ / IDS / BL  URL                                                 IP
2018-12-15 15:16:37 +0100  0 - 0 - 1      byinter.net/~face/new.exe                           108.61.203.22
2018-12-15 15:12:57 +0100  0 - 0 - 1      byinter.net/~face/ayran.exe                         108.61.203.22
2018-12-15 15:12:49 +0100  0 - 0 - 1      byinter.net/~face/ng.exe                            108.61.203.22
2018-12-15 15:07:26 +0100  1 - 0 - 0      ytoodwhlildc.findhere.org/k/causes/layout_det (...)  108.61.203.22
2018-12-13 13:25:43 +0100  0 - 2 - 1      igawrnwpkudd.byinter.net/owncheck                   108.61.203.22
2018-12-13 03:53:57 +0100  0 - 0 - 2      duexp.uglyas.com/mskke/set_questiona.php            108.61.203.22
2018-12-12 17:14:33 +0100  0 - 0 - 1      ifukhmfxyv.byinter.net/                             108.61.203.22
2018-12-12 04:45:19 +0100  1 - 1 - 0      pnzeejovvb.findhere.org/ep/data/java.jar            108.61.203.22
2018-12-12 04:28:42 +0100  0 - 0 - 1      afysrngwuc.byinter.net/Leh.jar                      108.61.203.22
2018-12-12 03:35:29 +0100  1 - 0 - 1      yqsnwdgcn.findhere.org/                             108.61.203.22

Last 10 reports on ASN: AS20473 Choopa, LLC

Date                       UQ / IDS / BL  URL                                                 IP
2018-12-16 04:33:43 +0100  2 - 0 - 4      www.nontonfilmonline.space/2018/09/25/              45.77.47.37
2018-12-16 04:06:40 +0100  0 - 0 - 11     505living.com.au/                                   45.76.114.247
2018-12-16 03:50:34 +0100  2 - 0 - 6      menontonbioskop.space/film-barat/kajol-jadi-h (...)  45.77.47.37
2018-12-16 03:34:19 +0100  2 - 0 - 4      www.filmdewasaonline.site/2017/07/25/               45.77.47.37
2018-12-16 03:21:53 +0100  2 - 0 - 5      www.menontonbioskop.space/film-barat/kajol-ja (...)  45.77.47.37
2018-12-16 02:58:17 +0100  0 - 1 - 0      stickney.cc/downloads/turkeyhunt.exe                45.63.8.101
2018-12-16 02:51:47 +0100  0 - 0 - 1      saamavedam.org/images/com_qgallery/rushippeth (...)  216.155.153.210
2018-12-16 02:49:02 +0100  0 - 0 - 1      pornosins.com/Tag-girlporn                          107.191.33.74
2018-12-16 02:46:06 +0100  2 - 0 - 5      nontonfilmonline.us/category/resensi-film           45.77.47.37
2018-12-16 02:22:16 +0100  2 - 0 - 6      www.nontononlinefilm.site/tag/bioskop-online/ (...)  45.77.47.37

No other reports on domain: passas.us



JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 84, repeated: 1) - SHA256: 071bb71cc5f59a8a7b8eeb83d3b40bdfebdb2381c15bfb06526d6bc7b795dd25

<script src='http://www.google-analytics.com/ga.js' type='text/javascript'></script>


HTTP Transactions (26)


Request Response
                                        
Request:
GET /owncheck/ HTTP/1.1
Host: dspuezcnkudd.passas.us
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (from 108.61.203.22):
HTTP/1.1 301 Moved Permanently
Content-Type: text/plain; charset=iso-8859-1
Server: nginx/1.13.5
Date: Fri, 20 Jul 2018 00:29:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us

--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET INFO DYNAMIC_DNS HTTP Request to *.passas.us Domain (Sitelutions)
    - ET TROJAN Mac Flashback Checkin 1

Request:
GET /redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: text/html
Date: Fri, 20 Jul 2018 00:29:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575; expires=Sat, 20-Jul-19 00:29:35 GMT; path=/; domain=.sitelutions.com; HttpOnly
Server: cloudflare
CF-RAY: 43d15078d1674285-OSL
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2045
Md5:    26ca8188b680a078b8bc300b96d12b60
Sha1:   7932616f2d2ee87598857b870a6c0a704ce6de14
Sha256: 4906fc06db0015cfaf861dcaa360cd1837472d030da2fc18d8573e903e4b7643

Request:
GET /include_files/css/sitelutions1.css HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: text/css
Date: Fri, 20 Jul 2018 00:29:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Etag: W/"534d3a5a-1068"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 43d1507cd1ea4285-OSL
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   845
Md5:    4ccf2ba5d2b00901e25b38ce1654ddd2
Sha1:   0ce53e58182d7c56c33f86bfcad5793e9d36003a
Sha256: ae8715209117f028e96e9912a22b364bb335b3ddbdd4baae4310a6c581df1871

Request:
GET /image_files/logo_bbbonline.gif HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Fri, 20 Jul 2018 00:29:36 GMT
Content-Length: 2986
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: origSize=2994
Etag: "534d3a5a-bb2"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: HIT
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 43d1507d2682428b-OSL

--- Additional Info ---
Magic:  GIF image data, version 87a, 128 x 43
Size:   2986
Md5:    dd925c1ab4e64f02338da792b99982f4
Sha1:   31d39012caef99c20e3234aecf67e9629021ba11
Sha256: cfc8750cc0b7862e02dd765568291df656bebce63ff2df51096420aa69e6c839

Request:
GET /pagead/show_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us

Response (from 216.58.207.194):
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Fri, 20 Jul 2018 00:29:36 GMT
Expires: Fri, 20 Jul 2018 00:29:36 GMT
Cache-Control: private, max-age=3600
Etag: 14153076043452257727
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 20060
X-XSS-Protection: 1; mode=block

--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   20060
Md5:    be3f632e1f2be7877f98ee531ad21bf5
Sha1:   4f48958f60d1f5c09ec5c19b2196c11578c5c6ca
Sha256: 0100ad44fae3d6caaac006e213079e734bfafbcd85310f5bc7c5c04d6e099e0c

Request:
GET /image_files/badge_uptime.gif HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Fri, 20 Jul 2018 00:29:36 GMT
Content-Length: 1628
Connection: keep-alive
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Etag: "534d3a5a-65c"
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 43d1507d1432426d-OSL

--- Additional Info ---
Magic:  GIF image data, version 89a, 81 x 56
Size:   1628
Md5:    a633436813589bbf31b844303f1eede2
Sha1:   bd42ab7c643ffe62431d88137eea3e9a2691eae5
Sha256: 0bbfb3ce186026ef3289855acc60f9c926f45ac82374fbc47501ffb4cee92fc2

Request:
GET /image_files/sl_logo.png HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: image/png
Date: Fri, 20 Jul 2018 00:29:36 GMT
Content-Length: 6035
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: pngoptimizer, origSize=8913
Etag: "534d3a5a-22d1"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 43d1507dc697428b-OSL

--- Additional Info ---
Magic:  PNG image, 300 x 58, 8-bit/color RGBA, non-interlaced
Size:   6035
Md5:    72070a5afb3a8fcab6258da8d95f59fe
Sha1:   a2e91e3010a3035ad7061862ae03970e90fec6f3
Sha256: 558d3ca2ab63f2aa74754f9a0db9c6750acff90de3b578bd0a6307b8df12b0f7

Request:
GET /image_files/bg-blurbs-is.jpg HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Fri, 20 Jul 2018 00:29:36 GMT
Content-Length: 6717
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: degrade=85, origSize=12143
Etag: "534d3a5a-2f6f"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 43d1507dd2de4297-OSL

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   6717
Md5:    eb66a88aa6f5263fc8d63b8a7fb6c37d
Sha1:   ec2ff9f09b26db597326d286e38b63a349f8a264
Sha256: 4480cf0ded2ceafb92369c92d703113730e5e962a1a80ad28966caa9ff4e660f

Request:
GET /image_files/dot.gif HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Fri, 20 Jul 2018 00:29:36 GMT
Content-Length: 36
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: origSize=44
Etag: "534d3a5a-2c"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 43d1507dd4ae427f-OSL

--- Additional Info ---
Magic:  GIF image data, version 87a, 3 x 3
Size:   36
Md5:    e1f94d1ab145619799ea4933d1615db0
Sha1:   79541b4c6d0d6996f37e344139a374c7225ee681
Sha256: 0cabaf36aa26692377d96cb1a6ff6b6daa97817156b352793bb76119a00e4653

Request:
GET /image_files/bg-blurbs-bm.jpg HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Fri, 20 Jul 2018 00:29:36 GMT
Content-Length: 7458
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: degrade=85, origSize=13308
Etag: "534d3a5a-33fc"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 43d1507ec6b7428b-OSL

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   7458
Md5:    c7a8787b14a02c8aca333b572b590d16
Sha1:   1f3b1cee89067a3fba511a83c3c0fc99d9abf083
Sha256: c870cc92adec4d4309725f9368499d63df9cc967d6b4739bd1355807caab8c24

Request:
GET /image_files/bg-blurbs-cb.jpg HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Fri, 20 Jul 2018 00:29:36 GMT
Content-Length: 6005
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: degrade=85, origSize=10253
Etag: "534d3a5a-280d"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 43d1507f02ff4297-OSL

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   6005
Md5:    21693f6672c90890ff18b1a6579da77e
Sha1:   f6115075757dc2e56aff724574b3d57b7a38334d
Sha256: 511cd61bc69c1908fbf2d7a57caa36f5daf17c70dfd75ba3536942ee29738012

Request:
GET /image_files/badge_riskfree.gif HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Fri, 20 Jul 2018 00:29:36 GMT
Content-Length: 2459
Connection: keep-alive
Last-Modified: Tue, 15 Apr 2014 13:55:37 GMT
Etag: "534d3a59-99b"
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 43d1507d1680428b-OSL

--- Additional Info ---
Magic:  GIF image data, version 89a, 70 x 68
Size:   2459
Md5:    dc2c14ece85d88b7d7ae5d0aa8d817ae
Sha1:   5afcb2aa536fce8e56cac709e3c78cdef6433589
Sha256: 818d9723e97627fd28456fe7cb539237347f560e16a26d953504787aeed712aa

Request:
GET /redir_not_found/favicon.ico HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 20 Jul 2018 00:29:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 43d1507d01f14285-OSL
Content-Encoding: gzip

--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1035
Md5:    a80132a2c341218e8d57d9e095169abd
Sha1:   34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4
Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39

Request:
GET /image_files/bg-blurbs-dm.jpg HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575

Response (from 104.20.23.95):
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Fri, 20 Jul 2018 00:29:36 GMT
Content-Length: 6321
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: degrade=85, origSize=10926
Etag: "534d3a5a-2aae"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Fri, 20 Jul 2018 04:29:36 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 43d1507e144d426d-OSL

--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   6321
Md5:    6250ab3f8424c925a58777f392099643
Sha1:   a49557a9fef182dcfc519ca67c64ec03f49a774f
Sha256: a3baf0ab8c1cd9643a454e5e1f392b760d4fa28337f5a90b52aa1c9f0c13b11c

Request:
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response (from 216.58.211.14):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jul 2018 00:29:36 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

--- Additional Info ---
Magic:  data
Size:   463
Md5:    bcdfb2e2de53adb85ff5310a086762be
Sha1:   104eb80732f5c41fbade57621e5710d4f664b592
Sha256: 2f1cdf9a6fc3ee10ed31c4df4afa6805b494fd49c4f27cee8889bf819871c2fb

Request:
POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

Response (from 216.58.211.14):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jul 2018 00:29:36 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738

Request:
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response (from 216.58.211.14):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jul 2018 00:29:37 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

--- Additional Info ---
Magic:  data
Size:   463
Md5:    86bd8a2e4396e4369b230f5f5e4e0c66
Sha1:   abc68e04983ab95d1f9c3fc195c627549ffdf4c1
Sha256: 7b37a8f0acbe8c57dc7a4d13d76651dd9c9be7330940608ad89458c2f824481b

Request:
GET /pub-config/r20160913/ca-pub-2844624690808284.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us

Response (from 216.58.207.194):
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Thu, 19 Jul 2018 13:41:01 GMT
Expires: Fri, 20 Jul 2018 01:41:01 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
Content-Length: 88
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=43200
Age: 38916
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   88
Md5:    447300cfe76a026545c27482e7ada077
Sha1:   995fa7efb4f9b8be29ea4c3c69a361e0a1f27ba1
Sha256: 994d8a1f3b94c1b503343b827ffd37a0a2a50015d48a054812591825cc305a40

Request:
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

Response (from 216.58.211.14):
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 20 Jul 2018 00:29:37 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN

--- Additional Info ---
Magic:  data
Size:   463
Md5:    f8c65b1bb7bad6d6b151e9a8b7e5e434
Sha1:   9d709ef1fae9a9134ffc0e367acb39aeccd7f2b6
Sha256: 69a4181b8a349bad347f6b5248c6c323b3acc80b729ff5c649b8b3740ad2290a

Request:
GET /adsid/integrator.js?domain=domainpark.sitelutions.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us

Response (from 216.58.207.194):
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Fri, 20 Jul 2018 00:29:37 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked

--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333

Request:
GET /adsid/integrator.js?domain=domainpark.sitelutions.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us

Response (from 216.58.207.194):
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Fri, 20 Jul 2018 00:29:37 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked

--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333

GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 19 Jul 2018 22:46:49 GMT
Expires: Fri, 20 Jul 2018 00:46:49 GMT
Last-Modified: Fri, 18 May 2018 01:10:24 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17168
Cache-Control: public, max-age=7200
Age: 6168


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17168
Md5:    01d5892e6e243b52998310c2925b9f3a
Sha1:   58180151b6a6ee4af73583a214b68efb9e8844d4
Sha256: 7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
                                        
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1105800300&utmhn=domainpark.sitelutions.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1176x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Redirect%20Not%20Found%20dspuezcnkudd.passas.us&utmhid=1976578827&utmr=-&utmp=%2Fredir_not_found%2Fredir_not_found.shtml%3Fdspuezcnkudd.passas.us&utmht=1532046577692&utmac=UA-9495639-6&utmcc=__utma%3D90851141.1798035229.1532046577.1532046577.1532046577.1%3B%2B__utmz%3D90851141.1532046577.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1458308964&utmredir=1&utmu=DBAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?dspuezcnkudd.passas.us

                                         
216.58.211.14
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Date: Fri, 20 Jul 2018 00:29:37 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
GET /redir_not_found/favicon.ico HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575; __utma=90851141.1798035229.1532046577.1532046577.1532046577.1; __utmb=90851141.1.10.1532046577; __utmc=90851141; __utmz=90851141.1532046577.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
104.20.23.95
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 20 Jul 2018 00:29:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Fri, 20 Jul 2018 04:29:37 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 43d15086f5a8427f-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1035
Md5:    a80132a2c341218e8d57d9e095169abd
Sha1:   34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4
Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39
                                        
GET /redir_not_found/favicon.ico HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575; __utma=90851141.1798035229.1532046577.1532046577.1532046577.1; __utmb=90851141.1.10.1532046577; __utmc=90851141; __utmz=90851141.1532046577.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
104.20.23.95
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 20 Jul 2018 00:29:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Fri, 20 Jul 2018 04:29:39 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 43d1508fc0c9428b-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1035
Md5:    a80132a2c341218e8d57d9e095169abd
Sha1:   34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4
Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39
                                        
GET /redir_not_found/favicon.ico HTTP/1.1
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d72e407d94217a0fcecadc4f8ba05bf8c1532046575; __utma=90851141.1798035229.1532046577.1532046577.1532046577.1; __utmb=90851141.1.10.1532046577; __utmc=90851141; __utmz=90851141.1532046577.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
104.20.23.95
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 20 Jul 2018 00:29:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Fri, 20 Jul 2018 04:29:39 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 43d1508fc4c84297-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1035
Md5:    a80132a2c341218e8d57d9e095169abd
Sha1:   34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4
Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39