Overview

URL rgdggbqjkudd.bestdeals.at/owncheck
IP 108.61.203.22
ASN AS20473 Choopa, LLC
Location United States
Report completed 2018-01-14 13:26:32 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified  Severity  Host  Comment
2018-01-14  2  rgdggbqjkudd.bestdeals.at/owncheck  Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 108.61.203.22

Date  UQ / IDS / BL  URL  IP
2018-01-17 20:27:26 +0100  0 - 0 - 1  z0325.lowestprices.at/  108.61.203.22
2018-01-17 20:26:48 +0100  0 - 0 - 1  zdymydindbyu.byinter.net/  108.61.203.22
2018-01-17 20:22:46 +0100  0 - 0 - 1  javaupdate.byinter.net/  108.61.203.22
2018-01-13 22:00:52 +0100  0 - 0 - 1  www2.joinsmartscanrr.isgre.at/eiarf107_2331.php  108.61.203.22
2018-01-13 20:55:07 +0100  0 - 0 - 1  tirela54tingas.rr.nu/nl.php  108.61.203.22
2018-01-13 20:37:00 +0100  0 - 0 - 2  dqyoupdwjyuv.assexyas.com/owncheck  108.61.203.22
2018-01-12 07:56:15 +0100  0 - 0 - 1  jsnggbqjkudd.onthenetas.com/owncheck/  108.61.203.22
2018-01-12 06:13:38 +0100  3 - 0 - 0  branded.ontheweb.nu/?a=2  108.61.203.22
2018-01-10 17:54:46 +0100  0 - 0 - 1  www1.safefir.myfw.us/vyijdt107_2185.php  108.61.203.22
2018-01-10 17:42:41 +0100  0 - 0 - 1  www2.personaldvdefense.myfw.us/suxg211_8046.php  108.61.203.22

Last 10 reports on ASN: AS20473 Choopa, LLC

Date  UQ / IDS / BL  URL  IP
2018-01-18 10:19:54 +0100  0 - 0 - 1  go.coresumi.xyz/ts820-international-redirects (...)  45.32.237.225
2018-01-18 10:11:33 +0100  0 - 0 - 1  xctvb58crz.jicd.gdn/?sov=3055434051  45.76.14.66
2018-01-18 10:03:46 +0100  0 - 0 - 2  radzz.pozmsgb9geoc.gegx.gdn/  45.76.28.196
2018-01-18 09:55:36 +0100  0 - 0 - 1  abcdomac.com.br/~comegac/cgi-bin/regions/ques (...)  108.61.35.157
2018-01-18 09:55:31 +0100  0 - 0 - 1  abcdomac.com.br/~comegac/cgi-bin/regions/error.php  108.61.35.157
2018-01-18 09:53:42 +0100  0 - 0 - 1  go.coresumi.xyz/ts820-international-redirects (...)  45.32.237.225
2018-01-18 09:52:04 +0100  0 - 0 - 1  kfszz.au2ube.feto.gdn/  104.238.147.73
2018-01-18 09:23:59 +0100  0 - 0 - 2  go.coresumi.xyz/ts820-international-redirects (...)  45.32.237.225
2018-01-18 09:12:41 +0100  0 - 0 - 2  go.coresumi.xyz/ts820-international-redirects (...)  45.32.237.225
2018-01-18 09:11:49 +0100  0 - 0 - 1  vida-alternativa.cl/filosofos/istealuc3.exe  64.237.45.58

No other reports on domain: bestdeals.at



JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (4)

#1 JavaScript::Write (size: 2130, repeated: 1) - SHA256: 4f814c6f559f22919fe9b55ae33d4e91b56d2aa7fe5d377d3c896a9bec707b89

<!doctype html><html><body><iframe style="display:none" data-ad-client="ca-pub-2844624690808284" id="google_esf" name="google_esf" src="https://googleads.g.doubleclick.net/pagead/html/r20180108/r20170110/zrt_lookup.html#"></iframe>
<script>google_ad_channel="";google_ad_client="pub-2844624690808284";google_ad_format="728x90_as";google_ad_height=90;google_ad_modifications={"plle":true,"eids":["368226201","38893302","21061122","191880501"],"loeids":["368226211","38893312"]};google_ad_type="text_image";google_ad_width=728;google_color_bg="FFFFFF";google_color_border="FFFFFF";google_color_link="0000FF";google_color_text="000000";google_color_url="008000";google_loader_used="sa";google_ad_unit_key="2796962729";google_ad_dom_fingerprint="2696856949";google_sailm=false;google_unique_id=1;google_async_iframe_id="aswift_0";google_start_time=1515933153012;google_pub_vars="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";google_bpp=268;google_async_rrc=0;google_iframe_start_time=new Date().getTime();</script>
<script src="http://pagead2.googlesyndication.com/pagead/js/r20180108/r20170110/show_ads_impl.js"></script></body></html>
                                    

#2 JavaScript::Write (size: 1523, repeated: 1) - SHA256: 4516461ff97067015ec2b7d6d6ed81947a6f6e33e51d6713ea2edc6588eb7c9e

<iframe id="google_ads_frame1" name="google_ads_frame1" width="728" height="90" frameborder="0"
src="https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2844624690808284&amp;output=html&amp;h=90&amp;adk=2796962729&amp;adf=2696856949&amp;w=728&amp;lmt=1515933152&amp;loeid=368226211%2C38893312&amp;ad_type=text_image&amp;format=728x90_as&amp;color_bg=FFFFFF&amp;color_border=FFFFFF&amp;color_link=0000FF&amp;color_text=000000&amp;color_url=008000&amp;url=http%3A%2F%2Fdomainpark.sitelutions.com%2Fredir_not_found%2Fredir_not_found.shtml%3Frgdggbqjkudd.bestdeals.at&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;dt=1515933153012&amp;bpp=268&amp;fdt=274&amp;idt=428&amp;shv=r20180108&amp;cbv=r20170110&amp;saldr=sa&amp;correlator=5013790445066&amp;frm=20&amp;ga_vid=1080912372.1515933154&amp;ga_sid=1515933154&amp;ga_hid=735480273&amp;ga_fc=0&amp;pv=2&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=15&amp;ady=552&amp;biw=1176&amp;bih=775&amp;abxe=1&amp;scr_x=0&amp;scr_y=0&amp;eid=368226201%2C38893302%2C21061122%2C191880501%2C389613000&amp;oid=3&amp;nmo=1&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C775&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=1&amp;dtd=928"
marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no" allowfullscreen="true"></iframe>
                                    

#3 JavaScript::Write (size: 921, repeated: 1) - SHA256: 8410e82543bebc49b52e6a115d3ca9ebf14dcad91e8ba1ef22fe47db13e1b12d

<ins id="aswift_0_expand" style="display:inline-table;border:none;height:90px;margin:0;padding:0;position:relative;visibility:visible;width:728px;background-color:transparent;">
<ins id="aswift_0_anchor" style="display:block;border:none;height:90px;margin:0;padding:0;position:relative;visibility:visible;width:728px;background-color:transparent;">
<iframe width="728" height="90" frameborder="0" marginwidth="0" marginheight="0" vspace="0" hspace="0" allowtransparency="true" scrolling="no" allowfullscreen="true" onload="var i=this.id,s=window.google_iframe_oncopy,H=s&amp;&amp;s.handlers,h=H&amp;&amp;H[i],w=this.contentWindow,d;try{d=w.document}catch(e){}if(h&amp;&amp;d&amp;&amp;(!d.body||!d.body.firstChild)){if(h.call){setTimeout(h,0)}else if(h.match){try{h=s.upd(h,i)}catch(e){}w.location.replace(h)}}" id=aswift_0 name=aswift_0 style="left:0;position:absolute;top:0;width:728px;height:90px;"></iframe></ins></ins>
                                    

#4 JavaScript::Write (size: 84, repeated: 1) - SHA256: 071bb71cc5f59a8a7b8eeb83d3b40bdfebdb2381c15bfb06526d6bc7b795dd25

<script src='http://www.google-analytics.com/ga.js' type='text/javascript'></script>
                                    


HTTP Transactions (31)


Request Response
                                        
                                            GET /owncheck HTTP/1.1 
Host: rgdggbqjkudd.bestdeals.at
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         108.61.203.22
HTTP/1.1 301 Moved Permanently
Content-Type: text/plain; charset=iso-8859-1
                                        
Server: nginx/1.13.5
Date: Sun, 14 Jan 2018 12:32:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 14 Jan 2018 12:32:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152; expires=Mon, 14-Jan-19 12:32:32 GMT; path=/; domain=.sitelutions.com; HttpOnly
Server: cloudflare
CF-RAY: 3dd09e59e2434285-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2048
Md5:    1deccfa83624674cb414225393969c44
Sha1:   d7547fce45b7c1f30dae1798c5aab5c09c86bab3
Sha256: 1a27dba34591ea2a644312fe03f4f3c6b8b380cfa726a599c45073ae8bb20c9a
                                        
                                            GET /pagead/show_ads.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at

                                         
                                         216.58.209.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Sun, 14 Jan 2018 12:32:32 GMT
Expires: Sun, 14 Jan 2018 12:32:32 GMT
Cache-Control: private, max-age=3600
Etag: 16792466717804796588
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 18493
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   18493
Md5:    ef4d1ff303784dd9e81134021c21f3a3
Sha1:   14536963708afad84f6d13afd3a2e4d2f7312ede
Sha256: 1b8afca8925013f474c8ca140b57d9bad9ef962edf35e7eacaedcdb8baf1120e
                                        
                                            GET /include_files/css/sitelutions1.css HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 14 Jan 2018 12:32:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Etag: W/"534d3a5a-1068"
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sun, 14 Jan 2018 16:32:32 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 3dd09e5bb3484285-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   884
Md5:    9586847b173ab8b35491731920337fb0
Sha1:   d34747d0ca1d2a7a70e11918b1e41f89efea0d90
Sha256: 3d04a2e28d2845a3d805cf791efddaaa939acb8e48595938571698ec04716437
                                        
                                            GET /image_files/badge_riskfree.gif HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 14 Jan 2018 12:32:32 GMT
Content-Length: 2459
Connection: keep-alive
Etag: "534d3a59-99b"
Last-Modified: Tue, 15 Apr 2014 13:55:37 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Sun, 14 Jan 2018 16:32:32 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3dd09e5be44b4279-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 70 x 68
Size:   2459
Md5:    dc2c14ece85d88b7d7ae5d0aa8d817ae
Sha1:   5afcb2aa536fce8e56cac709e3c78cdef6433589
Sha256: 818d9723e97627fd28456fe7cb539237347f560e16a26d953504787aeed712aa
                                        
                                            GET /image_files/logo_bbbonline.gif HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 14 Jan 2018 12:32:32 GMT
Content-Length: 2986
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: origSize=2994
Etag: "534d3a5a-bb2"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Sun, 14 Jan 2018 16:32:32 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3dd09e5be44d4279-OSL


--- Additional Info ---
Magic:  GIF image data, version 87a, 128 x 43
Size:   2986
Md5:    dd925c1ab4e64f02338da792b99982f4
Sha1:   31d39012caef99c20e3234aecf67e9629021ba11
Sha256: cfc8750cc0b7862e02dd765568291df656bebce63ff2df51096420aa69e6c839
                                        
                                            GET /image_files/badge_uptime.gif HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 14 Jan 2018 12:32:32 GMT
Content-Length: 1628
Connection: keep-alive
Etag: "534d3a5a-65c"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Sun, 14 Jan 2018 16:32:32 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3dd09e5be76342a3-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 81 x 56
Size:   1628
Md5:    a633436813589bbf31b844303f1eede2
Sha1:   bd42ab7c643ffe62431d88137eea3e9a2691eae5
Sha256: 0bbfb3ce186026ef3289855acc60f9c926f45ac82374fbc47501ffb4cee92fc2
                                        
                                            GET /redir_not_found/favicon.ico HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Date: Sun, 14 Jan 2018 12:32:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Expires: Sun, 14 Jan 2018 16:32:32 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 3dd09e5be75f42a3-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1035
Md5:    a80132a2c341218e8d57d9e095169abd
Sha1:   34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4
Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39
                                        
                                            GET /image_files/bg-blurbs-is.jpg HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 14 Jan 2018 12:32:33 GMT
Content-Length: 6717
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: degrade=85, origSize=12143
Etag: "534d3a5a-2f6f"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Sun, 14 Jan 2018 16:32:33 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3dd09e5d81704297-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   6717
Md5:    eb66a88aa6f5263fc8d63b8a7fb6c37d
Sha1:   ec2ff9f09b26db597326d286e38b63a349f8a264
Sha256: 4480cf0ded2ceafb92369c92d703113730e5e962a1a80ad28966caa9ff4e660f
                                        
                                            GET /image_files/sl_logo.png HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 14 Jan 2018 12:32:33 GMT
Content-Length: 6035
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: pngoptimizer, origSize=8913
Etag: "534d3a5a-22d1"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Sun, 14 Jan 2018 16:32:33 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3dd09e5d64254285-OSL


--- Additional Info ---
Magic:  PNG image, 300 x 58, 8-bit/color RGBA, non-interlaced
Size:   6035
Md5:    72070a5afb3a8fcab6258da8d95f59fe
Sha1:   a2e91e3010a3035ad7061862ae03970e90fec6f3
Sha256: 558d3ca2ab63f2aa74754f9a0db9c6750acff90de3b578bd0a6307b8df12b0f7
                                        
                                            GET /image_files/bg-blurbs-dm.jpg HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 14 Jan 2018 12:32:33 GMT
Content-Length: 6321
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: degrade=85, origSize=10926
Etag: "534d3a5a-2aae"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Sun, 14 Jan 2018 16:32:33 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3dd09e5d852d4279-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   6321
Md5:    6250ab3f8424c925a58777f392099643
Sha1:   a49557a9fef182dcfc519ca67c64ec03f49a774f
Sha256: a3baf0ab8c1cd9643a454e5e1f392b760d4fa28337f5a90b52aa1c9f0c13b11c
                                        
                                            GET /image_files/dot.gif HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 14 Jan 2018 12:32:33 GMT
Content-Length: 36
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: origSize=44
Etag: "534d3a5a-2c"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sun, 14 Jan 2018 16:32:33 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3dd09e5d852b4279-OSL


--- Additional Info ---
Magic:  GIF image data, version 87a, 3 x 3
Size:   36
Md5:    e1f94d1ab145619799ea4933d1615db0
Sha1:   79541b4c6d0d6996f37e344139a374c7225ee681
Sha256: 0cabaf36aa26692377d96cb1a6ff6b6daa97817156b352793bb76119a00e4653
                                        
                                            GET /image_files/bg-blurbs-bm.jpg HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 14 Jan 2018 12:32:33 GMT
Content-Length: 7458
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: degrade=85, origSize=13308
Etag: "534d3a5a-33fc"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Sun, 14 Jan 2018 16:32:33 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3dd09e5d906d42a3-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   7458
Md5:    c7a8787b14a02c8aca333b572b590d16
Sha1:   1f3b1cee89067a3fba511a83c3c0fc99d9abf083
Sha256: c870cc92adec4d4309725f9368499d63df9cc967d6b4739bd1355807caab8c24
                                        
                                            GET /image_files/bg-blurbs-cb.jpg HTTP/1.1 
Host: domainpark.sitelutions.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152

                                         
                                         104.20.23.95
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 14 Jan 2018 12:32:33 GMT
Content-Length: 6005
Connection: keep-alive
Cf-Bgj: imgq:85
Cf-Polished: degrade=85, origSize=10253
Etag: "534d3a5a-280d"
Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT
Vary: Accept
CF-Cache-Status: REVALIDATED
Expires: Sun, 14 Jan 2018 16:32:33 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 3dd09e5da06742a3-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   6005
Md5:    21693f6672c90890ff18b1a6579da77e
Sha1:   f6115075757dc2e56aff724574b3d57b7a38334d
Sha256: 511cd61bc69c1908fbf2d7a57caa36f5daf17c70dfd75ba3536942ee29738012
                                        
                                            GET /pagead/js/r20180108/r20170110/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at

                                         
                                         216.58.209.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Sun, 14 Jan 2018 12:32:33 GMT
Expires: Sun, 14 Jan 2018 12:32:33 GMT
Cache-Control: private, max-age=1209600
Etag: 14977654137761104608
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 68011
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   68011
Md5:    b20797e7ac5aa25e8cbcab1f722eb8c1
Sha1:   376b329656af9f77696dc3bbe9a630677e6abd13
Sha256: 636fca60752a7d017b039d5d4236fe5a1abfa42b009571ecb4b1ecc75714be45
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 14 Jan 2018 12:32:33 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    65e20bff87f8c07678a19484e219046c
Sha1:   6f4e5c4a05f10a5bace76d9cf1d5cfd2100c9305
Sha256: ef1fd7ac294180590038c4ce08aaa61e66e8a5353bcb347025fe2f2f694e59f4
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 14 Jan 2018 12:32:33 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 14 Jan 2018 12:32:34 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    56bd9691b8b9d3de869da6b6c36a4f6b
Sha1:   a36a1086b5b53fbfe66bebd4681eb0671ce8c640
Sha256: 71b76050f1d64023915316d358f42b04e62a72ee5e8bbfd6918e5072b2b4e43e
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 14 Jan 2018 12:32:34 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    7277280b75e376003c2d7b4f27a91a19
Sha1:   1244cfbb8d610de94b51b080e267e0b2ff50f5c6
Sha256: 4e3ad1bc6ed898c6f0bd265c602dfc67dcd7335fbe747afc25710cf52e8796c9
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.10.2
Content-Length: 1391
Content-Transfer-Encoding: binary
Cache-Control: max-age=423852, public, no-transform, must-revalidate
Last-Modified: Fri, 12 Jan 2018 10:14:07 GMT
Expires: Fri, 19 Jan 2018 10:14:07 GMT
Date: Sun, 14 Jan 2018 12:32:34 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1391
Md5:    b782a360b93b63de361e0eb23543738a
Sha1:   19ceb6b5ff416f1c39920f7b9c5f13529ca5c471
Sha256: 19918dbd8a911df022890986ec165e3b9fdcc494a5e2cb2d5bb60f8d9e016249
                                        
                                            GET /pagead/html/r20180108/r20170110/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at

                                         
                                         216.58.209.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Sun, 14 Jan 2018 11:37:12 GMT
Expires: Sun, 28 Jan 2018 11:37:12 GMT
Etag: 17582403666037489517
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6816
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 3322
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6816
Md5:    f1d38e7277050f91ea4311a219bd84af
Sha1:   eebd06bb40587e88be00e4ce08ec2176c198af7a
Sha256: 7bd792e2540f6b173a45c462878b9a435c0842645c242188d7e324a75e173667
                                        
                                            GET /pagead/js/r20180108/r20170110/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at

                                         
                                         216.58.209.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Sun, 14 Jan 2018 11:37:15 GMT
Expires: Sun, 28 Jan 2018 11:37:15 GMT
Etag: 11980724546551445463
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 30311
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 3319
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   30311
Md5:    f2ead96a634719fba9ad6ca10087a684
Sha1:   a4b7e3db95d00de9e1056057c25cb1ac7d51fabe
Sha256: 0a825c51fe345a56f5937ea0b4df5fc71bd2d7f27e213b79b51bca8b40c5b875
                                        
                                            GET /pub-config/r20160913/ca-pub-2844624690808284.js HTTP/1.1 
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at

                                         
                                         216.58.209.130
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Sun, 14 Jan 2018 12:32:34 GMT
Expires: Mon, 15 Jan 2018 00:32:34 GMT
Cache-Control: public, max-age=43200
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
Content-Length: 88
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   88
Md5:    447300cfe76a026545c27482e7ada077
Sha1:   995fa7efb4f9b8be29ea4c3c69a361e0a1f27ba1
Sha256: 994d8a1f3b94c1b503343b827ffd37a0a2a50015d48a054812591825cc305a40
                                        
                                            GET /adsid/integrator.js?domain=domainpark.sitelutions.com HTTP/1.1 
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at

                                         
                                         216.58.209.130
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Sun, 14 Jan 2018 12:32:34 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
                                        
                                            GET /adsid/integrator.js?domain=domainpark.sitelutions.com HTTP/1.1 
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at

                                         
                                         216.58.209.130
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Sun, 14 Jan 2018 12:32:34 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Sun, 14 Jan 2018 10:38:55 GMT
Expires: Sun, 14 Jan 2018 12:38:55 GMT
Last-Modified: Mon, 13 Nov 2017 20:19:12 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17172
Cache-Control: public, max-age=7200
Age: 6819


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17172
Md5:    43adefe535269f3b75e0f229d0dba4d6
Sha1:   5e3bed19757401b3aa6c8ab8b5f26aa17add8a3a
Sha256: fc7f9d5234f97de0433021d02e8969a93003d90bf16d40a9cb2d8f5c7bfaa398
                                        
                                            GET /pagead/ads?client=ca-pub-2844624690808284&output=html&h=90&adk=2796962729&adf=2696856949&w=728&lmt=1515933152&loeid=368226211%2C38893312&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fdomainpark.sitelutions.com%2Fredir_not_found%2Fredir_not_found.shtml%3Frgdggbqjkudd.bestdeals.at&ea=0&flash=10.0.45&wgl=0&dt=1515933153012&bpp=268&fdt=274&idt=428&shv=r20180108&cbv=r20170110&saldr=sa&correlator=5013790445066&frm=20&ga_vid=1080912372.1515933154&ga_sid=1515933154&ga_hid=735480273&ga_fc=0&pv=2&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=15&ady=552&biw=1176&bih=775&abxe=1&scr_x=0&scr_y=0&eid=368226201%2C38893302%2C21061122%2C191880501%2C389613000&oid=3&nmo=1&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C775&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=928 HTTP/1.1 
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at

                                         
                                         216.58.209.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sun, 14 Jan 2018 12:32:34 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 14-Jan-2018 12:47:34 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Sun, 14 Jan 2018 12:32:34 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   82
Md5:    87b49554493c15fb23b8e5d2f13b1ebf
Sha1:   328cbcb1c58530fd3f554ca7386ef7a85e1e982f
Sha256: 590b4bba70579d67368d97259fc85f56fda4fa5cb82f404fa8ec67a43369db17
                                        
                                            GET /r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1756897705&utmhn=domainpark.sitelutions.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1176x775&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Redirect%20Not%20Found%20rgdggbqjkudd.bestdeals.at&utmhid=735480273&utmr=-&utmp=%2Fredir_not_found%2Fredir_not_found.shtml%3Frgdggbqjkudd.bestdeals.at&utmht=1515933154359&utmac=UA-9495639-6&utmcc=__utma%3D90851141.1233846922.1515933154.1515933154.1515933154.1%3B%2B__utmz%3D90851141.1515933154.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=144688758&utmredir=1&utmu=DBAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?rgdggbqjkudd.bestdeals.at

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Date: Sun, 14 Jan 2018 12:32:34 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /redir_not_found/favicon.ico HTTP/1.1 
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152; __utma=90851141.1233846922.1515933154.1515933154.1515933154.1; __utmb=90851141.1.10.1515933154; __utmc=90851141; __utmz=90851141.1515933154.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
                                         104.20.23.95
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sun, 14 Jan 2018 12:32:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Sun, 14 Jan 2018 16:32:34 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 3dd09e67061b4297-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1035
Md5:    a80132a2c341218e8d57d9e095169abd
Sha1:   34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4
Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39
                                        
                                            GET /redir_not_found/favicon.ico HTTP/1.1 
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152; __utma=90851141.1233846922.1515933154.1515933154.1515933154.1; __utmb=90851141.1.10.1515933154; __utmc=90851141; __utmz=90851141.1515933154.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
                                         104.20.23.95
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sun, 14 Jan 2018 12:32:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Sun, 14 Jan 2018 16:32:35 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 3dd09e6ea4eb4285-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1035
Md5:    a80132a2c341218e8d57d9e095169abd
Sha1:   34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4
Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39
                                        
                                            GET /redir_not_found/favicon.ico HTTP/1.1 
Host: domainpark.sitelutions.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=de82e6ff7e5b75102fb010bc976c6a3e51515933152; __utma=90851141.1233846922.1515933154.1515933154.1515933154.1; __utmb=90851141.1.10.1515933154; __utmc=90851141; __utmz=90851141.1515933154.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
                                         104.20.23.95
HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Sun, 14 Jan 2018 12:32:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Sun, 14 Jan 2018 16:32:35 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 3dd09e6eb5b44279-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1035
Md5:    a80132a2c341218e8d57d9e095169abd
Sha1:   34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4
Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39