Overview

URL www30.speedyshare.com/QszVp/8f2b3605/download/Anonymous-DoSer.exe
IP98.124.199.64
ASNAS21740 eNom, Incorporated
Location United States
Report completed2018-10-08 18:45:21 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-10-08 2 www30.speedyshare.com/QszVp/8f2b3605/download/Anonymous-DoSer.exe Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 98.124.199.64

Date UQ / IDS / BL URL IP
2019-05-28 18:33:37 +0200
0 - 0 - 1 www.speedyshare.com/94EA7/MassRt-FavsNew.rar 98.124.199.64
2019-05-28 17:36:40 +0200
0 - 0 - 1 www.speedyshare.com/94EA7/MassRt-FavsNew.rar 98.124.199.64
2019-05-15 08:38:55 +0200
0 - 0 - 0 www11.speedyshare.com 98.124.199.64
2019-02-15 14:51:14 +0100
0 - 0 - 1 www.speedyshare.com/files/21248355/AutoSetup_ (...) 98.124.199.64
2019-01-28 23:01:05 +0100
0 - 0 - 1 www.speedyshare.com/files/29612954/Dla_MPC_pr (...) 98.124.199.64
2018-12-09 13:52:27 +0100
0 - 0 - 1 www.speedyshare.com/files/21070654/download/s (...) 98.124.199.64
2018-10-12 05:22:59 +0200
0 - 0 - 1 www32.speedyshare.com/fpJQk/0374ad5a/download (...) 98.124.199.64
2018-10-11 15:28:54 +0200
0 - 0 - 1 www30.speedyshare.com/5SJbc/5f98e64a/download (...) 98.124.199.64
2018-10-11 09:43:22 +0200
0 - 0 - 1 www33.speedyshare.com/HneXA/11e09b10/download (...) 98.124.199.64
2018-10-08 23:03:43 +0200
0 - 0 - 2 www.speedyshare.com/files/29391140/E0000A6BC7 (...) 98.124.199.64

Last 10 reports on ASN: AS21740 eNom, Incorporated

Date UQ / IDS / BL URL IP
2019-06-10 15:52:06 +0200
0 - 0 - 1 jerkybuy.com/transacciones/83.58.109.913516/c (...) 98.124.199.46
2019-06-09 14:21:22 +0200
0 - 0 - 1 englishgarden.net/index.php 98.124.199.107
2019-06-09 13:37:25 +0200
0 - 0 - 1 pipersoperahouse.net/cast/bookmark 98.124.199.102
2019-06-09 11:26:35 +0200
0 - 0 - 3 weldmaster.com/zyq/bigtyme/nD 98.124.199.24
2019-06-09 11:23:21 +0200
0 - 0 - 3 weldmaster.com/gp 98.124.199.24
2019-06-07 08:05:50 +0200
0 - 0 - 4 kelownatownhomes.com/g76ub76 98.124.199.89
2019-06-05 08:06:09 +0200
0 - 0 - 6 suncoastot.com/webpage/forms/SCHOOLAGE_CHECKL (...) 98.124.252.176
2019-06-04 14:10:51 +0200
0 - 0 - 1 hal9000.ehost-services142.com/n53s3pog/hyimeh7.exe 69.64.156.54
2019-06-03 00:43:35 +0200
0 - 0 - 1 zkaoo.com/download/update/update.exe 98.124.199.125
2019-06-02 19:58:16 +0200
0 - 1 - 0 ncdrive.com/wow.exe 98.124.199.68

No other reports on domain: speedyshare.com



JavaScript

Executed Scripts (22)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 741, repeated: 1) - SHA256: 460f15cc351d48e6e01ed1adc8fac14a1c3bf6e83c56d4283c4281bab455dd46

                                        < img height = "1"
width = "1"
border = "0"
alt = ""
src = "https://www.googleadservices.com/pagead/conversion/1038302480/?random=1539017091692&cv=9&fst=1539017091692&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair"
style = "display:none" / >
                                    


HTTP Transactions (54)


Request Response
                                        
                                            GET /QszVp/8f2b3605/download/Anonymous-DoSer.exe HTTP/1.1 
Host: www30.speedyshare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         98.124.199.64
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Date: Mon, 08 Oct 2018 16:44:49 GMT
Transfer-Encoding: chunked
Connection: close
Location: http://ce6yo.5355156.com/QszVp/8f2b3605/download/Anonymous-DoSer.exe
Server: Redirector/1.0
Cache-Control: private


--- Additional Info ---
Magic:  HTML document text
Size:   189
Md5:    09cc6674e016efb2d65cf5d5f07c4b2e
Sha1:   4ab6284359b165a6b54f3ea0437f47b42b667da9
Sha256: a444aef7de6b829346db7f046931303adf93215c3dcd8e59b051f03c754a4b3c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /QszVp/8f2b3605/download/Anonymous-DoSer.exe HTTP/1.1 
Host: ce6yo.5355156.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         191.96.104.10
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 08 Oct 2018 16:44:50 GMT
Transfer-Encoding: chunked
X-ImpID: 7961a7c2-cb19-11e8-b170-12c26be3c49e
Location: http://www.reimageplus.com/includes/router_land.php?tracking=YTZ2&lpx=slm&banner=ALF&%3F%3Fgroup_id=483&group_id=483&cntrl=00000&pid=14497&redid=49184&gsid=483&campaign_id=12&p_id=14497&id=XNSX.-r49184-t483&impid=7961a7c2-cb19-11e8-b170-12c26be3c49e


--- Additional Info ---
                                        
                                            GET /includes/router_land.php?tracking=YTZ2&lpx=slm&banner=ALF&%3F%3Fgroup_id=483&group_id=483&cntrl=00000&pid=14497&redid=49184&gsid=483&campaign_id=12&p_id=14497&id=XNSX.-r49184-t483&impid=7961a7c2-cb19-11e8-b170-12c26be3c49e HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Date: Mon, 08 Oct 2018 16:36:08 GMT
Location: http://www.reimageplus.com/lp/sqi/index.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Connection: Keep-Alive
Set-Cookie: X-Mapping-fjhppofk=9C33845D75B18B4DED694AACA8CA00F1; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D7961a7c2-cb19-11e8-b170-12c26be3c49e; expires=Fri, 07-Dec-2018 16:36:08 GMT; path=/ _testcookie=test; expires=Mon, 08-Oct-2018 16:42:08 GMT; path=/ one_time_package=true; expires=Fri, 12-Oct-2018 16:36:08 GMT; path=/; domain=reimageplus.com _master_srcid_ytz2_alf=364; expires=Fri, 12-Oct-2018 16:36:08 GMT; path=/; domain=reimageplus.com _srcid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=reimageplus.com _srcid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ reward_ab=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=reimageplus.com reward_ab=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ rmo=true; expires=Thu, 22-Nov-2018 16:36:08 GMT; path=/; domain=reimageplus.com marketnetwork_subid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=reimageplus.com
Content-Length: 22


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    a0501a98ab1b294fd669c2ecd1b8c027
Sha1:   ecd8ceda437c617578af895ce922b9497f20938b
Sha256: cada81a8faf83daa504d843d0795ec58a6f77bd94a28345385cdb54cef383832
                                        
                                            GET /lp/sqi/index.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=9C33845D75B18B4DED694AACA8CA00F1; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D7961a7c2-cb19-11e8-b170-12c26be3c49e; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Date: Mon, 08 Oct 2018 16:36:08 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: Keep-Alive
Set-Cookie: PHPSESSID=dugjaior2aeq0pl09vj7ffge66; path=/ _refcook=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ _testcookie=test; expires=Mon, 08-Oct-2018 16:42:08 GMT; path=/
Content-Length: 3920


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3920
Md5:    64761e485f5f3555e69d55b5eab4c9e9
Sha1:   70d46e3cf867db63826f7e929cafb2be449f9639
Sha256: 0b2446a24a28688d76913861360b22ba0c23ea7a962e8292beb09b1845282108
                                        
                                            GET /ajax/libs/jquery/1.5.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         216.58.211.138
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 29839
Date: Tue, 02 Oct 2018 16:47:13 GMT
Expires: Wed, 02 Oct 2019 16:47:13 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 518258


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29839
Md5:    9a9b2acb8c0cf46985e07996f688b43d
Sha1:   341c927be8f8344f30afb46d49ce6b5e3da62c7d
Sha256: 0b1e12a7712d7b092fd5e1b2724d6e248670ff82620ec75e24105b6b127e3ca8
                                        
                                            GET /lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: X-Mapping-fjhppofk=9C33845D75B18B4DED694AACA8CA00F1; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D7961a7c2-cb19-11e8-b170-12c26be3c49e; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=dugjaior2aeq0pl09vj7ffge66

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Date: Mon, 08 Oct 2018 16:36:08 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Connection: Keep-Alive
Set-Cookie: _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm; expires=Fri, 07-Dec-2018 16:36:08 GMT; path=/ _testcookie=test; expires=Mon, 08-Oct-2018 16:42:08 GMT; path=/
Content-Length: 7025


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7025
Md5:    bd3e818b99cff2c5401df6e4293d5c36
Sha1:   48f33282c1f5a136ba31fe072c46b4810d1adc03
Sha256: c171cc7dbcb668d900028d0475fdc97119bb28eec009c013549de47bf544536b
                                        
                                            GET /meter/www.reimageplus.com/23.gif HTTP/1.1 
Host: images.scanalert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         143.204.47.109
HTTP/1.1 200 OK
Content-Type: image/png; charset=UTF-8
                                        
Content-Length: 3005
Connection: keep-alive
Date: Mon, 08 Oct 2018 15:56:05 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Cache-Control: public
Expires: Mon, 08 Oct 2018 16:56:05 GMT
Content-Encoding: gzip
Age: 2926
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 3JsI4SvFMDIWUvucCzGAJp20URoMY9kasD8qgHPZAcEL9jqGK5TE_w==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   3005
Md5:    102539419ea49058a5fd78365f742469
Sha1:   e4e891e5dc0d2c41eabf5dd8b497c191c287560a
Sha256: 7d59d63d95e75cf20757455fb4c3cc5333a2aacbf0424fc92a7a01ad3b694370
                                        
                                            GET /lp/sqi/css/style.css HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: X-Mapping-fjhppofk=9C33845D75B18B4DED694AACA8CA00F1; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D7961a7c2-cb19-11e8-b170-12c26be3c49e; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=dugjaior2aeq0pl09vj7ffge66; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 08 Oct 2018 16:36:08 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Connection: Keep-Alive
Content-Length: 2385


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2385
Md5:    c9c11e58b7ae2a05cc3d7665d6e67c6d
Sha1:   904c35b41d62ce36b2bd9530b27927dba1716b13
Sha256: a857bcce152e7ccc517782b2c9f8d0ea20ca6211e740e8e8e4c17574c8f260f2
                                        
                                            GET /website/newwebsite/lp/sqh/page-header.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783260"
Cache-Control: max-age=86400
Content-Length: 28164
Last-Modified: Wed, 01 Jun 2016 12:14:20 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds036.sk1.c


--- Additional Info ---
Magic:  PNG image, 1484 x 34, 8-bit/color RGB, non-interlaced
Size:   28164
Md5:    72eb11363a557a2d01e4fc9e453e0d93
Sha1:   0bc01fa850199e45985fc2c05036c2daaea1cc19
Sha256: 104c8b1b981bed8968301cd28d4daf83d09dbc23b51a862ab6ebb9e59cc0f785
                                        
                                            GET /website/newwebsite/lp/sqh/Win7.gif HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783273"
Cache-Control: max-age=86400
Content-Length: 3059
Last-Modified: Wed, 01 Jun 2016 12:14:33 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds006.sk1.c


--- Additional Info ---
Magic:  GIF image data, version 89a, 60 x 62
Size:   3059
Md5:    72edefcd39d81e6d207b19834e6941ef
Sha1:   03e824da65cf1fbb8849c06df5fee4f753d3d8ce
Sha256: 41e53e6880391a2ffdcecfc04969e62ade0e3383c54aed8c281a3c5c122a5f3c
                                        
                                            GET /website/newwebsite/lp/sys/reimage-repair-software-screen.en.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1390487880"
Cache-Control: max-age=86400
Content-Length: 38615
Last-Modified: Thu, 23 Jan 2014 14:38:00 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds055.sk1.c


--- Additional Info ---
Magic:  PNG image, 270 x 194, 8-bit/color RGB, non-interlaced
Size:   38615
Md5:    bee784d55ec18bbbb78d9cf551c0105f
Sha1:   e1b6cf0968e124fdc1089668a97c619c1a3ae0da
Sha256: ce64b3df68854a7dd3bc367bcd76ead89fec756099f139e8098597abc9172d8e
                                        
                                            GET /website/newwebsite/lp/sqh/patent.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783261"
Cache-Control: max-age=86400
Content-Length: 9406
Last-Modified: Wed, 01 Jun 2016 12:14:21 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds029.sk1.c


--- Additional Info ---
Magic:  PNG image, 95 x 43, 8-bit/color RGBA, interlaced
Size:   9406
Md5:    a325c56ac5095d3459a31023cbddaad8
Sha1:   77d2ce1eaa9775d901dc79a329d324c5f20f0e75
Sha256: 2e7c88199f79f7ee899df4333e85ea8959c6b156c1ea96dc0f0a1d3fe7d48f0e
                                        
                                            GET /website/newwebsite/lp/sqh/button_download_anim.gif HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783237"
Cache-Control: max-age=86400
Content-Length: 13233
Last-Modified: Wed, 01 Jun 2016 12:13:57 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds056.sk1.c


--- Additional Info ---
Magic:  GIF image data, version 89a, 266 x 64
Size:   13233
Md5:    a415393521909e0c856acf0e00116630
Sha1:   6210356d1cd38ecf31de48c746a650418e41a520
Sha256: 031e1fb30c05d97c39bd6db7a4c99b4fd96fcfad71c9f2ffdffc8cd19e4012fe
                                        
                                            GET /assets/styles/jquery.fancybox/jquery.fancybox-2.css HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: X-Mapping-fjhppofk=9C33845D75B18B4DED694AACA8CA00F1; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D7961a7c2-cb19-11e8-b170-12c26be3c49e; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=dugjaior2aeq0pl09vj7ffge66; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 08 Oct 2018 16:36:09 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Connection: Keep-Alive
Content-Length: 1606


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1606
Md5:    39c87544233ef0fafef3816c7dc083d1
Sha1:   b5a214c16e29bb922d7dd247c8cd4ab32a48ec15
Sha256: e39857dbe26db2b9569d4ee2d3246135a51f76684c0caa76a4b7ba1d63f0b8ea
                                        
                                            GET /pagead/conversion.js HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Mon, 08 Oct 2018 16:44:51 GMT
Expires: Mon, 08 Oct 2018 16:44:51 GMT
Cache-Control: private, max-age=3600
Etag: 8763450789705281687
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 8644
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   8644
Md5:    e802454d00d7fe31dfa3c38d1da4a745
Sha1:   edc3b73e4148abf148b5aca852a5691e90d568f2
Sha256: ea84a6090c00949f0f20aa47d299622dc424b45c7a43e9ac13effadbdafdba37
                                        
                                            GET /website/newwebsite/lp/sqh/box-bg.gif HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783236"
Cache-Control: max-age=86400
Content-Length: 1854
Last-Modified: Wed, 01 Jun 2016 12:13:56 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds047.sk1.c


--- Additional Info ---
Magic:  GIF image data, version 89a, 5 x 187
Size:   1854
Md5:    8ff2fa6eb2a493a50bd5d1e62ca65aab
Sha1:   a417692e32fd2191007dbe0d720bd47f3944f5f5
Sha256: 29bb9c83e89d0bc33f498d269d352e39d2685903a1edf1f01b2b48f6830b10c8
                                        
                                            GET /website/newwebsite/lp/sqh/green_v.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783247"
Cache-Control: max-age=86400
Content-Length: 1600
Last-Modified: Wed, 01 Jun 2016 12:14:07 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds033.sk1.c


--- Additional Info ---
Magic:  PNG image, 17 x 18, 8-bit/color RGB, non-interlaced
Size:   1600
Md5:    2008cbae40db2b500152c7dafd984d93
Sha1:   b96943808ebecacadb2854638340c44ed81f5131
Sha256: 9d67b141e9910fc9573bb40f0da15b37a07f321f364b49d248dd04b051b94cfe
                                        
                                            GET /website/newwebsite/lp/sqh/left-line1.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783252"
Cache-Control: max-age=86400
Content-Length: 1408
Last-Modified: Wed, 01 Jun 2016 12:14:12 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds033.sk1.c


--- Additional Info ---
Magic:  PNG image, 19 x 18, 8-bit/color RGB, non-interlaced
Size:   1408
Md5:    51e96eb80b3315a78a3c263128863f80
Sha1:   298c6e6342d078787d2faed5a9c72fbb52b69608
Sha256: b331acc4c4aa2a03b8285ea5c5713d0fc0a1b8afab057511942b984af3a94c33
                                        
                                            GET /website/newwebsite/lp/sqh/left-line4.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783255"
Cache-Control: max-age=86400
Content-Length: 1694
Last-Modified: Wed, 01 Jun 2016 12:14:15 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds036.sk1.c


--- Additional Info ---
Magic:  PNG image, 21 x 21, 8-bit/color RGB, non-interlaced
Size:   1694
Md5:    5e66342138a9e7fe493159cd1d022c7f
Sha1:   4644e410677f717a372309dcaec4e0040e0869f5
Sha256: 6ef1d9b7114972450bc65ef971b9f1b6bcda9a14dfdacd0d2eef5982ab13bbd6
                                        
                                            GET /website/newwebsite/lp/sqh/left-line2.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783253"
Cache-Control: max-age=86400
Content-Length: 1769
Last-Modified: Wed, 01 Jun 2016 12:14:13 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds010.sk1.c


--- Additional Info ---
Magic:  PNG image, 20 x 20, 8-bit/color RGB, non-interlaced
Size:   1769
Md5:    f0cbc1f1348e5a7dd71117fff276b24c
Sha1:   2727805dff980bd62185470382b842811d4318fb
Sha256: b0eed672ea60ec55d4d9cf2d35704334217a77c07b6dcaadc8c5e6aa67cfedfd
                                        
                                            GET /website/newwebsite/lp/sqh/left-line3.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783254"
Cache-Control: max-age=86400
Content-Length: 1674
Last-Modified: Wed, 01 Jun 2016 12:14:14 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds058.sk1.c


--- Additional Info ---
Magic:  PNG image, 19 x 20, 8-bit/color RGB, non-interlaced
Size:   1674
Md5:    39494baf3c541996c3b3bb06283fdb46
Sha1:   62ff085ad2b7373d5f11b5b069cd7a583d3e863f
Sha256: 4e23b54f1144c274b359d7ef5c60d49a82bd6e060896e6b5816a779fe0eb6cb1
                                        
                                            GET /website/newwebsite/lp/sqh/step2-bg-trans.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783268"
Cache-Control: max-age=86400
Content-Length: 7025
Last-Modified: Wed, 01 Jun 2016 12:14:28 GMT
X-HW: 1539017091.dop014.sk1.t,1539017091.cds019.sk1.c


--- Additional Info ---
Magic:  PNG image, 138 x 122, 8-bit/color RGBA, non-interlaced
Size:   7025
Md5:    d5ee2f43e2a023082f436ecbd1bdc481
Sha1:   fba3f6e488539af100ab96bac877064732320921
Sha256: 11d91f55b1674e173ddfe06eb57ae85fa33a6cff7af1302f507ac242d07a80d8
                                        
                                            GET /website/newwebsite/lp/sqh/step-bg.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783269"
Cache-Control: max-age=86400
Content-Length: 18292
Last-Modified: Wed, 01 Jun 2016 12:14:29 GMT
X-HW: 1539017091.dop002.sk1.t,1539017091.cds028.sk1.c


--- Additional Info ---
Magic:  PNG image, 275 x 61, 8-bit/color RGB, non-interlaced
Size:   18292
Md5:    7b6e60e77c3654a847d5081395960cf5
Sha1:   c796375204359b947c6b62ebfbaccaaa7680b8b8
Sha256: 33c28e008ac3729e9b12dbc10be193b77e16a41a6c3693d4082858d3cba92e59
                                        
                                            GET /website/newwebsite/lp/sqh/step1-bg-trans.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783266"
Cache-Control: max-age=86400
Content-Length: 3300
Last-Modified: Wed, 01 Jun 2016 12:14:26 GMT
X-HW: 1539017091.dop014.sk1.t,1539017091.cds028.sk1.c


--- Additional Info ---
Magic:  PNG image, 58 x 90, 8-bit/color RGBA, non-interlaced
Size:   3300
Md5:    1d15fb682fe3dff47991aa9751a875b9
Sha1:   8eb2b2cf19fe82e7188aeee5ce0e9b9da1906103
Sha256: b8755dc875e0a34693d2a5d357d9bff4d5f19d7c2a2d5134dc628a3f61caf000
                                        
                                            GET /website/newwebsite/lp/sqh/repair-win.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783264"
Cache-Control: max-age=86400
Content-Length: 2179
Last-Modified: Wed, 01 Jun 2016 12:14:24 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds058.sk1.c


--- Additional Info ---
Magic:  PNG image, 27 x 28, 8-bit/color RGB, non-interlaced
Size:   2179
Md5:    5851745de354765e2125f096e27ae2a2
Sha1:   c894df89fada34d309a6774ddc9babf725934ed6
Sha256: e51e18fcf47fa9b6b5bf724f6a9655c25a05d215afba827f205aaeb47642d87a
                                        
                                            GET /website/newwebsite/lp/sqh/left-line5.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783256"
Cache-Control: max-age=86400
Content-Length: 1491
Last-Modified: Wed, 01 Jun 2016 12:14:16 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds041.sk1.c


--- Additional Info ---
Magic:  PNG image, 18 x 17, 8-bit/color RGB, non-interlaced
Size:   1491
Md5:    a59e741ab3d51d4e1e5ba30b0a7b29a8
Sha1:   8ceb645eaf53da45d0308de878c665ab9b2c6359
Sha256: 79c1403f2c097fe69db72c4a7f7200093781ee005dfd6c6cb2b4c6d6f10e389a
                                        
                                            GET /website/newwebsite/lp/sqh/free-scan.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783246"
Cache-Control: max-age=86400
Content-Length: 2049
Last-Modified: Wed, 01 Jun 2016 12:14:06 GMT
X-HW: 1539017091.dop013.sk1.t,1539017091.cds043.sk1.c


--- Additional Info ---
Magic:  PNG image, 30 x 24, 8-bit/color RGB, non-interlaced
Size:   2049
Md5:    8c7d05b98e6f2d5fbf1c60adffeea4f2
Sha1:   6149378a53addf1878bfaeab1b0e89c0c8db3b83
Sha256: 158bdf06a0618d1484c272c35bf6eeed158a9440ae9b12ac74dd66c7ba435dd8
                                        
                                            GET /website/newwebsite/lp/sqh/cloud.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783238"
Cache-Control: max-age=86400
Content-Length: 2816
Last-Modified: Wed, 01 Jun 2016 12:13:58 GMT
X-HW: 1539017091.dop002.sk1.t,1539017091.cds006.sk1.c


--- Additional Info ---
Magic:  PNG image, 46 x 38, 8-bit/color RGB, non-interlaced
Size:   2816
Md5:    37b3f2641ececb4eda59252b1a621eb7
Sha1:   5911bfd3a30a6b3b2d83ac8e9ffe631c0c4e5039
Sha256: c2ebc7735534bd0e5708bfae2406b4cfcdbdc7f6ab7bf8838aba82023383269c
                                        
                                            GET /website/newwebsite/lp/sqh/improve-pc.png HTTP/1.1 
Host: cdnrep.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/css/style.css
Cookie: one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true

                                         
                                         205.185.208.80
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Mon, 08 Oct 2018 16:44:51 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Etag: "1464783249"
Cache-Control: max-age=86400
Content-Length: 1390
Last-Modified: Wed, 01 Jun 2016 12:14:09 GMT
X-HW: 1539017091.dop014.sk1.t,1539017091.cds019.sk1.c


--- Additional Info ---
Magic:  PNG image, 25 x 25, 8-bit/color RGB, non-interlaced
Size:   1390
Md5:    a33103966c40c7af0394283801707874
Sha1:   e49748cd9d3b4966984dc25acd8a688828210390
Sha256: da2871c4669d112fb708df1920f01a6aefdd5f257ef87cdfd3b424fc8eb2be59
                                        
                                            GET /dc.js HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         64.233.162.156
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Mon, 08 Oct 2018 14:45:27 GMT
Expires: Mon, 08 Oct 2018 16:45:27 GMT
Last-Modified: Mon, 01 Oct 2018 17:56:18 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17093
Age: 7164
Cache-Control: public, max-age=7200


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17093
Md5:    5f65521f6c6223e1e18cb161832bea2a
Sha1:   f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
Sha256: 787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
                                        
                                            GET /assets/scripts/jquery.fancybox/jquery.fancybox-2.js HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Cookie: X-Mapping-fjhppofk=9C33845D75B18B4DED694AACA8CA00F1; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D7961a7c2-cb19-11e8-b170-12c26be3c49e; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=dugjaior2aeq0pl09vj7ffge66; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Apache/2.2.15 (CentOS)
Date: Mon, 08 Oct 2018 16:36:09 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Sun, 07 Jun 2015 06:06:18 GMT
Content-Length: 48716


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   48716
Md5:    932c065e6c0658681ca19a34d45981f4
Sha1:   7e10f6aba5d7bc1b21e0c62ba107ac5593c039d8
Sha256: 1a2da275a2f66503da340a4b38a064c5329d8b3f03eb057dee553786482c4874
                                        
                                            GET /js/1.js HTTP/1.1 
Host: cdn.ywxi.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         143.204.47.127
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Content-Length: 2829
Connection: keep-alive
Date: Mon, 08 Oct 2018 16:35:17 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expires: Mon, 08 Oct 2018 17:35:17 GMT
Content-Encoding: gzip
Age: 575
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a3.cloudfront.net (CloudFront)
X-Amz-Cf-Id: R3ve44ERSHdNmJbxIYJJFVjBVVtAQHoegqRLZB3i2tj3gdnOObQ7sQ==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   2829
Md5:    e2f006b9cb97e3af3672505fe23c4660
Sha1:   dd1283a182f72a9dfe0b0e397dc2cf3ed16f2ca5
Sha256: 278cdee696684a6d8b3344cc99e1f92869d3a8a03764f790414c0731e8c42dfa
                                        
                                            GET /r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1783609791&utmhn=www.reimageplus.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Reimage%20Repair&utmhid=8585548&utmr=0&utmp=%2Flp%2Fsqi%2Findex_src.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&utmht=1539017092248&utmac=UA-24411584-1&utmcc=__utma%3D141870001.906688849.1539017092.1539017092.1539017092.1%3B%2B__utmz%3D141870001.1539017092.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=514942430&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         64.233.162.156
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Mon, 08 Oct 2018 16:44:52 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 08 Oct 2018 16:44:52 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    f08103514151717d3073a84cf8378b33
Sha1:   3ca4d06ead9d82df6251098798d11d882f2494b4
Sha256: 2c2623329249ce27e512b2c36b013b2d6a88ec6a8114731cc371728b64cdea2a
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 08 Oct 2018 16:44:52 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /pagead/conversion/1038302480/?random=1539017091692&cv=9&fst=1539017091692&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         216.58.207.226
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Mon, 08 Oct 2018 16:44:52 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1038302480/?random=17809889&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=hIm7W4ezHZCr6wTd557ICA&crd=CKrPGwjX0Rs&gtd=
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 08 Oct 2018 16:44:52 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    82b173ea6d56ed7d193bf33660acde0b
Sha1:   2885ffab5e7cd4dfcba0eeaaef3c4dbd5484c364
Sha256: 87e1210753faa1d1d1a5e8248eec30d1280bc170f31c2459700f51b6ad2e0c1d
                                        
                                            GET /pagead/viewthroughconversion/1038302480/?random=17809889&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=hIm7W4ezHZCr6wTd557ICA&crd=CKrPGwjX0Rs&gtd= HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         172.217.21.162
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Mon, 08 Oct 2018 16:44:52 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: https://www.google.com/pagead/1p-user-list/1038302480/?random=17809889&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGwjX0RsIhNAb&cdct=2&is_vtc=1&random=287995981&resp=GooglemKTybQhCsO
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Mon, 08-Oct-2018 16:59:52 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 08 Oct 2018 16:44:52 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    888d1120be0316e1401ca73b1e3d2641
Sha1:   a86e28c35866411969f810d5d3759bf2f157b83e
Sha256: 3e50061d2f1ee149e29933a79edd264a7609a2dc892ea511447f5979d22ab351
                                        
                                            GET /pagead/1p-user-list/1038302480/?random=17809889&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGwjX0RsIhNAb&cdct=2&is_vtc=1&random=287995981&resp=GooglemKTybQhCsO HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         216.58.207.196
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Mon, 08 Oct 2018 16:44:52 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Location: https://www.google.no/pagead/1p-user-list/1038302480/?random=17809889&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGwjX0RsIhNAb&cdct=2&is_vtc=1&random=287995981&resp=GooglemKTybQhCsO&ipr=y
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /mfesecure-public/host/reimageplus.com/client.json HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm
Origin: http://www.reimageplus.com

                                         
                                         52.218.208.112
HTTP/1.1 200 OK
Content-Type: application/json
                                        
x-amz-id-2: AmWBsIBFmwaNeMd5C3uVeJ1CHTFu1aG+COlbI3Ufh8flJBI+MqHSN0lv9grG9+rmeYjOhYIzdqc=
x-amz-request-id: BEFCDD4B95860CD7
Date: Mon, 08 Oct 2018 16:44:53 GMT
Access-Control-Allow-Origin: http://www.reimageplus.com
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 60
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 08 Oct 2018 02:58:05 GMT
Etag: "86a8d89e3d194b9bfdc41f1c04a76272"
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: DvPZYHKzLiXd8Mkr7wVlf2ULF4dasaK.
Accept-Ranges: bytes
Content-Length: 144
Server: AmazonS3


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   144
Md5:    86a8d89e3d194b9bfdc41f1c04a76272
Sha1:   9dc4ae4f8f88b438b68f235d050407372d090ab2
Sha256: c9307911e3455085ca9581366c6fff5bac901cf192bb37d8fcaf75f491d67eb3
                                        
                                            GET /static/img/tm-float.png HTTP/1.1 
Host: cdn.ywxi.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         143.204.47.127
HTTP/1.1 200 OK
Content-Type: image/png; charset=UTF-8
                                        
Content-Length: 9330
Connection: keep-alive
Date: Thu, 26 Apr 2018 23:59:53 GMT
Expires: Fri, 27 Apr 2018 23:59:53 GMT
Cache-Control: public, max-age=86400
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Etag: "HioVbLUyInv"
Last-Modified: Thu, 26 Apr 2018 22:02:54 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Age: 60146
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a3.cloudfront.net (CloudFront)
X-Amz-Cf-Id: bOFwu8vvgtiCUAz2dtLVCkuTarfRivBrxYXVdm-Mdw8py_agtEovoQ==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   9330
Md5:    c4c9391d05918c1a7045dff82c1391b2
Sha1:   be2ec6556d902ae0d78fa62cf2cb2751f357e8c0
Sha256: ec706c9c38eb71c40deb0d3deb2abe51058dc256910bfde4ef76d2a2bae24f61
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.238
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 08 Oct 2018 16:44:52 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    b2752cd31c3e80fa7cbc29f81c341a2f
Sha1:   367f4363560c03afffc6a4a7d9eb55ab805a85e2
Sha256: 57b8a26d7a08d7a00f3678033b949727ed48f58b3f2b593c67a2129efd877aec
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         143.204.51.176
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168072
Date: Mon, 08 Oct 2018 16:44:53 GMT
Etag: "5bb796a5-1d7"
Expires: Wed, 10 Oct 2018 15:26:05 GMT
Last-Modified: Fri, 05 Oct 2018 16:51:49 GMT
Server: ECS (lga/1393)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Id: LksNxBEEfLezBajQ2nMHEoz0e0r1YGbTW7Eej4ws4K82AT7SIE_5YA==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    6a02fe065006343ffca1f1433e67b17b
Sha1:   5c0244bf6c41e054f70b0d125372c3bd7558ea7b
Sha256: f89c8145b8b7833c46116160f1351e9fc7c9bd6ac037a41fa18baa8e3d6949f9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.rootca1.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
                                         143.204.51.72
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 1426
Connection: keep-alive
Date: Mon, 08 Oct 2018 16:44:53 GMT
Server: WEBrick/1.3.1 (Ruby/2.3.7/2018-03-28)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Id: e7ame0XNOPc6rR_EZCPhhure3-ygGigBTRGdSsYoKUpgFiCG097Iqw==


--- Additional Info ---
Magic:  data
Size:   1426
Md5:    19938e144e73f5a36d95c903cb6a8547
Sha1:   5354c3608cf27a290f44e5e9db6fdf5ff6a1f6a3
Sha256: d750396ccb8c0e497e87f12924afc3b53dbcd5f0b1158e7414dc89b55f503b76
                                        
                                            GET /pagead/1p-user-list/1038302480/?random=17809889&cv=9&fst=*&num=1&fmt=3&value=0&label=6-3FCKyD8wEQkPqM7wM&bg=666666&hl=en&guid=ON&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_his=1&u_tz=120&u_java=true&u_nplug=10&u_nmime=92&frm=1&url=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&ref=http://www.reimageplus.com/lp/sqi/index.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm&tiba=Reimage%20Repair&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&crd=CKrPGwjX0RsIhNAb&cdct=2&is_vtc=1&random=287995981&resp=GooglemKTybQhCsO&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Mon, 08 Oct 2018 16:44:52 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /js/1.js HTTP/1.1 
Host: cdn.trustedsite.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         143.204.47.34
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Content-Length: 1872
Connection: keep-alive
Date: Mon, 08 Oct 2018 16:33:58 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Expires: Mon, 08 Oct 2018 17:33:58 GMT
Content-Encoding: gzip
Age: 654
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fbb.cloudfront.net (CloudFront)
X-Amz-Cf-Id: owk3JdpFw2gv4RG76HMVezu-bs13-2FAQcZccIM--z9IjXQ2tXUr3g==


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   1872
Md5:    68dc342c1d27074362709798cc24d63e
Sha1:   cee55e0da80266c231acd65ebd386a563cca4e1c
Sha256: 5d4eda3ee64d69b769c026a13f4d30022c7af252a378acd0198943e917a9dbae
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         143.204.51.176
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162297
Date: Mon, 08 Oct 2018 16:44:53 GMT
Etag: "5bb7284b-1d7"
Expires: Wed, 10 Oct 2018 13:49:50 GMT
Last-Modified: Fri, 05 Oct 2018 09:00:59 GMT
Server: ECS (lga/1393)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Id: w_8VTHFCH1RbzqpjBMlTu4BEhL2FaAm0pNTkoRFZtC0UuzRdp5hX_w==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    4f4153823500bdf1a42539b92d028f27
Sha1:   527569d1971a02e3b50404e379f760976e3df3d8
Sha256: ae6997f7e4e18552bfcd41796744005ec2b273e14e578bd87f6fe7c6c550d023
                                        
                                            GET /trustedsite-public/host/reimageplus.com/client.js HTTP/1.1 
Host: s3-us-west-2.amazonaws.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         52.218.208.112
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
x-amz-id-2: Dy2bIgjasugTl7vVIhANg0g8N+Fwa+rOhz2wiqHHDuveENffK8BHiKPBmcK40rl85Z6c+b6bq7A=
x-amz-request-id: 0555967A63D424B8
Date: Mon, 08 Oct 2018 16:44:55 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 04 Jul 2018 23:05:38 GMT
Etag: "99a45cba3096b08317048a968af70cbd"
Cache-Control: public, max-age=60
Content-Encoding: gzip
x-amz-version-id: Otnbc0GHkBiRt7w2FfDBHNevvLnNWi3E
Accept-Ranges: bytes
Content-Length: 148
Server: AmazonS3


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   148
Md5:    99a45cba3096b08317048a968af70cbd
Sha1:   cdb50d86e5f776a679bd516f54f9b87eaee8938d
Sha256: bb45e632cbf9940c1180c70ff511fcd962b7fd2bc9c107f36a1c05850ca40582
                                        
                                            GET /rpc/ajax?do=tmjs-visit&host=reimageplus.com&rand=1539017092803 HTTP/1.1 
Host: www.mcafeesecure.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         35.166.16.223
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Date: Mon, 08 Oct 2018 16:44:54 GMT
Content-Length: 40
Connection: keep-alive
Set-Cookie: AWSALB=9HbpEPp/5b34LiW8L3trFwrMFTR43GtTJ66Tqfv4YTu6ee9KEC1iZHQ5R9ZC0Ynil1cBInSkLFZE26gFZeIYJa3zPo/eOo9vv24TN2rfCzHEjFXZJdHR+4RMcPuI; Expires=Mon, 15 Oct 2018 16:44:54 GMT; Path=/
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   40
Md5:    a912f8ee7d62dffb99cd9c65b7577d95
Sha1:   528104a64b4a7751eaafe58e425d952feda3ecdb
Sha256: 44b015aaa1db5bcfa0617230209495a2f40ddad12d84630c547ce4b9c2bdb8b4
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=9C33845D75B18B4DED694AACA8CA00F1; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D7961a7c2-cb19-11e8-b170-12c26be3c49e; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=dugjaior2aeq0pl09vj7ffge66; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm; __utma=141870001.906688849.1539017092.1539017092.1539017092.1; __utmb=141870001.1.10.1539017092; __utmc=141870001; __utmz=141870001.1539017092.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 08 Oct 2018 16:36:12 GMT
Location: http://www.reimageplus.com/images/reimage.ico
Connection: Keep-Alive
Content-Length: 253


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   253
Md5:    89fbda29cd4758e3ab1f35468df805c2
Sha1:   337a11ad7f3201d716eafe475be4744c14579cb1
Sha256: aa3c8a7d131750c62a273230a83039796256fc9b9f7cb160de4b7e97a39af71d
                                        
                                            GET /images/reimage.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=9C33845D75B18B4DED694AACA8CA00F1; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D7961a7c2-cb19-11e8-b170-12c26be3c49e; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=dugjaior2aeq0pl09vj7ffge66; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm; __utma=141870001.906688849.1539017092.1539017092.1539017092.1; __utmb=141870001.1.10.1539017092; __utmc=141870001; __utmz=141870001.1539017092.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Server: Apache/2.2.15 (CentOS)
Date: Mon, 08 Oct 2018 16:36:12 GMT
Expires: Thu, 15 Apr 2045 20:00:00 GMT
Accept-Ranges: bytes
Connection: Keep-Alive
Last-Modified: Mon, 30 Apr 2012 13:14:46 GMT
Content-Length: 894


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   894
Md5:    d0c2bd29933d303826e58db070e10832
Sha1:   1a6f18c55c3cd9ea9ff9485afc30c213a6aeefef
Sha256: 3af4842e79f2e783c9a73e19493a10164df5cf27e7e2fb67fb51b2f99d3b4d84
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.reimageplus.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: X-Mapping-fjhppofk=9C33845D75B18B4DED694AACA8CA00F1; _source=%2Fincludes%2Frouter_land.php%3Ftracking%3DYTZ2%26lpx%3Dslm%26banner%3DALF%26%253F%253Fgroup_id%3D483%26group_id%3D483%26cntrl%3D00000%26pid%3D14497%26redid%3D49184%26gsid%3D483%26campaign_id%3D12%26p_id%3D14497%26id%3DXNSX.-r49184-t483%26impid%3D7961a7c2-cb19-11e8-b170-12c26be3c49e; _testcookie=test; one_time_package=true; _master_srcid_ytz2_alf=364; rmo=true; PHPSESSID=dugjaior2aeq0pl09vj7ffge66; _refcook=http%3A%2F%2Fwww.reimageplus.com%2Flp%2Fsqi%2Findex.php%3Ftracking%3DYTZ2%26banner%3DALF%26adgroup%3Ddirect%26ads_name%3Ddirect%26keyword%3Ddirect%26nms%3D1%26lpx%3Dslm; __utma=141870001.906688849.1539017092.1539017092.1539017092.1; __utmb=141870001.1.10.1539017092; __utmc=141870001; __utmz=141870001.1539017092.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; mfesecure_visit=1

                                         
                                         161.47.7.14
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 08 Oct 2018 16:36:15 GMT
Location: http://www.reimageplus.com/images/reimage.ico
Connection: Keep-Alive
Content-Length: 253


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   253
Md5:    89fbda29cd4758e3ab1f35468df805c2
Sha1:   337a11ad7f3201d716eafe475be4744c14579cb1
Sha256: aa3c8a7d131750c62a273230a83039796256fc9b9f7cb160de4b7e97a39af71d
                                        
                                            GET /getseal?host_name=www.reimageplus.com&size=S&use_flash=NO&use_transparent=NO&lang=en HTTP/1.1 
Host: seal.websecurity.norton.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.reimageplus.com/lp/sqi/index_src.php?tracking=YTZ2&banner=ALF&adgroup=direct&ads_name=direct&keyword=direct&nms=1&lpx=slm

                                         
                                         0.0.0.0
                                        


--- Additional Info ---