urlquery.net - URL scanner

Overview

URL	www2.joinsmartscanrr.isgre.at/eiarf107_2331.php
IP	108.61.203.22
ASN	AS20473 Choopa, LLC
Location	United States
Report completed	2018-01-13 22:00:52 CET
Status	Loading report..
urlQuery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Blacklists

MDL

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Added / Verified	Severity	Host	Comment
2018-01-13	2	www2.joinsmartscanrr.isgre.at/eiarf107_2331.php	Malware

DNS-BH

No alerts detected

mnemonic secure dns

No alerts detected

Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 108.61.203.22

Date	UQ / IDS / BL	URL	IP
2018-07-20 02:30:06 +0200	0 - 3 - 1	dspuezcnkudd.passas.us/owncheck/	108.61.203.22
2018-07-14 03:37:14 +0200	0 - 4 - 0	cove36ring.rr.nu/	108.61.203.22
2018-07-13 23:10:49 +0200	0 - 2 - 0	index.isthebe.st/	108.61.203.22
2018-07-08 03:35:01 +0200	0 - 1 - 1	census43anyones.rr.nu/n.php	108.61.203.22
2018-07-08 03:35:00 +0200	0 - 1 - 1	rism50quali.rr.nu/n.php	108.61.203.22
2018-07-06 19:49:01 +0200	0 - 0 - 1	savesoftez.rr.nu/	108.61.203.22
2018-07-06 05:29:29 +0200	1 - 1 - 0	www2.top-defenseur.findhere.org/jlwete107_219 (...)	108.61.203.22
2018-07-06 05:29:27 +0200	1 - 1 - 0	www2.strongyznnetwork.findhere.org/xjo221_235 (...)	108.61.203.22
2018-07-06 05:29:23 +0200	1 - 0 - 0	www2.top-dieguard.findhere.org/fycuu107_2367. (...)	108.61.203.22
2018-06-30 07:28:07 +0200	0 - 4 - 0	cove36ring.rr.nu/	108.61.203.22

Last 10 reports on ASN: AS20473 Choopa, LLC

Date	UQ / IDS / BL	URL	IP
2018-07-23 11:36:55 +0200	0 - 0 - 0	45.77.183.153	45.77.183.153
2018-07-23 10:41:23 +0200	0 - 0 - 0	skyllnewebhost.com	107.191.42.240
2018-07-23 09:57:49 +0200	0 - 1 - 0	naturesoflight.com/	108.61.155.205
2018-07-23 09:54:38 +0200	0 - 1 - 0	miletic.net	108.61.208.98
2018-07-23 08:49:27 +0200	0 - 0 - 24	https://lasillarota.com/...	104.207.134.57
2018-07-23 04:32:55 +0200	1 - 0 - 0	tintuc.mefound.com/9F83181BCC281580/B243AADF	8.9.8.22
2018-07-23 04:32:54 +0200	1 - 0 - 0	tintuc.mefound.com/A6B16EA272124747/06DE52A6	8.9.8.22
2018-07-23 04:32:49 +0200	1 - 0 - 0	tintuc.mefound.com/0EDDBA73C5ECEBDD/7EA3C9F1	8.9.8.22
2018-07-23 00:03:53 +0200	0 - 0 - 6	mpowerglobal.co.th/	45.76.153.229
2018-07-22 05:18:04 +0200	0 - 0 - 0	45.76.12.200/generic/openvpn-connect-2.5.0.13 (...)	45.76.12.200

No other reports on domain: isgre.at

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (4)

#1 JavaScript::Write (size: 2058, repeated: 1) - SHA256: 2604f7376630511968300471d76b4cbfb2613518086920a136ae3680ef0752a9

                                        < !doctype html > < html > < body > < iframe style = "display:none"
data - ad - client = "ca-pub-2844624690808284"
id = "google_esf"
name = "google_esf"
src = "https://googleads.g.doubleclick.net/pagead/html/r20180108/r20170110/zrt_lookup.html#" > < /iframe><script>google_ad_channel="";google_ad_client="pub-2844624690808284";google_ad_format="728x90_as";google_ad_height=90;google_ad_modifications={"plle":true,"eids":["38893302","21061122","191880502"],"loeids":["38893312"]};google_ad_type="text_image";google_ad_width=728;google_color_bg="FFFFFF";google_color_border="FFFFFF";google_color_link="0000FF";google_color_text="000000";google_color_url="008000";google_loader_used="sa";google_ad_unit_key="2796962729";google_ad_dom_fingerprint="2696856949";google_sailm=false;google_unique_id=1;google_async_iframe_id="aswift_0";google_start_time=1515877613790;google_pub_vars="JTdCJTIyZ29vZ2xlX2FkX2NoYW5uZWwlMjIlM0ElMjIlMjIlMkMlMjJnb29nbGVfYWRfY2xpZW50JTIyJTNBJTIycHViLTI4NDQ2MjQ2OTA4MDgyODQlMjIlMkMlMjJnb29nbGVfYWRfZm9ybWF0JTIyJTNBJTIyNzI4eDkwX2FzJTIyJTJDJTIyZ29vZ2xlX2FkX2hlaWdodCUyMiUzQTkwJTJDJTIyZ29vZ2xlX2FkX21vZGlmaWNhdGlvbnMlMjIlM0ElN0IlMjJwbGxlJTIyJTNBdHJ1ZSUyQyUyMmVpZHMlMjIlM0ElNUIlMjIzODg5MzMwMiUyMiUyQyUyMjIxMDYxMTIyJTIyJTJDJTIyMTkxODgwNTAyJTIyJTVEJTJDJTIybG9laWRzJTIyJTNBJTVCJTIyMzg4OTMzMTIlMjIlNUQlN0QlMkMlMjJnb29nbGVfYWRfdHlwZSUyMiUzQSUyMnRleHRfaW1hZ2UlMjIlMkMlMjJnb29nbGVfYWRfd2lkdGglMjIlM0E3MjglMkMlMjJnb29nbGVfY29sb3JfYmclMjIlM0ElMjJGRkZGRkYlMjIlMkMlMjJnb29nbGVfY29sb3JfYm9yZGVyJTIyJTNBJTIyRkZGRkZGJTIyJTJDJTIyZ29vZ2xlX2NvbG9yX2xpbmslMjIlM0ElMjIwMDAwRkYlMjIlMkMlMjJnb29nbGVfY29sb3JfdGV4dCUyMiUzQSUyMjAwMDAwMCUyMiUyQyUyMmdvb2dsZV9jb2xvcl91cmwlMjIlM0ElMjIwMDgwMDAlMjIlMkMlMjJnb29nbGVfbG9hZGVyX3VzZWQlMjIlM0ElMjJzYSUyMiUyQyUyMmdvb2dsZV9hZF91bml0X2tleSUyMiUzQSUyMjI3OTY5NjI3MjklMjIlMkMlMjJnb29nbGVfYWRfZG9tX2ZpbmdlcnByaW50JTIyJTNBJTIyMjY5Njg1Njk0OSUyMiU3RA==";google_bpp=278;google_async_rrc=0;google_iframe_start_time=new Date().getTime();</script > < script src = "http://pagead2.googlesyndication.com/pagead/js/r20180108/r20170110/show_ads_impl.js" > < /script></body > < /html>

#2 JavaScript::Write (size: 1501, repeated: 1) - SHA256: a872837cd56c06ee23278d52e79013b9526162ccca30db20831e937c3dbb5695

                                        < iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "728"
height = "90"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2844624690808284&amp;output=html&amp;h=90&amp;adk=2796962729&amp;adf=2696856949&amp;w=728&amp;lmt=1515877613&amp;loeid=38893312&amp;ad_type=text_image&amp;format=728x90_as&amp;color_bg=FFFFFF&amp;color_border=FFFFFF&amp;color_link=0000FF&amp;color_text=000000&amp;color_url=008000&amp;url=http%3A%2F%2Fdomainpark.sitelutions.com%2Fredir_not_found%2Fredir_not_found.shtml%3Fwww2.joinsmartscanrr.isgre.at&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;dt=1515877613790&amp;bpp=278&amp;fdt=286&amp;idt=490&amp;shv=r20180108&amp;cbv=r20170110&amp;saldr=sa&amp;correlator=76534851150&amp;frm=20&amp;ga_vid=842510833.1515877615&amp;ga_sid=1515877615&amp;ga_hid=562864657&amp;ga_fc=0&amp;pv=2&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=15&amp;ady=552&amp;biw=1176&amp;bih=754&amp;abxe=1&amp;scr_x=0&amp;scr_y=0&amp;eid=38893302%2C21061122%2C191880502%2C370204013&amp;oid=3&amp;nmo=1&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=1&amp;dtd=1075"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>

#3 JavaScript::Write (size: 921, repeated: 1) - SHA256: 8410e82543bebc49b52e6a115d3ca9ebf14dcad91e8ba1ef22fe47db13e1b12d

                                        < ins id = "aswift_0_expand"
style = "display:inline-table;border:none;height:90px;margin:0;padding:0;position:relative;visibility:visible;width:728px;background-color:transparent;" > < ins id = "aswift_0_anchor"
style = "display:block;border:none;height:90px;margin:0;padding:0;position:relative;visibility:visible;width:728px;background-color:transparent;" > < iframe width = "728"
height = "90"
frameborder = "0"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true"
onload = "var i=this.id,s=window.google_iframe_oncopy,H=s&amp;&amp;s.handlers,h=H&amp;&amp;H[i],w=this.contentWindow,d;try{d=w.document}catch(e){}if(h&amp;&amp;d&amp;&amp;(!d.body||!d.body.firstChild)){if(h.call){setTimeout(h,0)}else if(h.match){try{h=s.upd(h,i)}catch(e){}w.location.replace(h)}}"
id = aswift_0 name = aswift_0 style = "left:0;position:absolute;top:0;width:728px;height:90px;" > < /iframe></ins > < /ins>

#4 JavaScript::Write (size: 84, repeated: 1) - SHA256: 071bb71cc5f59a8a7b8eeb83d3b40bdfebdb2381c15bfb06526d6bc7b795dd25

                                        < script src = 'http://www.google-analytics.com/ga.js'
type = 'text/javascript' > < /script>

HTTP Transactions (31)

Request	Response
GET /eiarf107_2331.php HTTP/1.1 Host: www2.joinsmartscanrr.isgre.at User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	108.61.203.22 HTTP/1.1 301 Moved Permanently Content-Type: application/x-httpd-php Server: nginx/1.13.5 Date: Sat, 13 Jan 2018 21:06:52 GMT Transfer-Encoding: chunked Connection: keep-alive Location: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at --- Additional Info --- Alerts: Blacklists: - fortinet: Malware
GET /redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	104.20.23.95 HTTP/1.1 200 OK Content-Type: text/html Date: Sat, 13 Jan 2018 21:06:53 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613; expires=Sun, 13-Jan-19 21:06:53 GMT; path=/; domain=.sitelutions.com; HttpOnly Server: cloudflare CF-RAY: 3dcb526a7506428b-OSL Content-Encoding: gzip --- Additional Info --- Magic: gzip compressed data, from Unix Size: 2092 Md5: 53ef7f6e8f9a45afc09870ac239d0f75 Sha1: f9200e0d83152216cbe7e1e4603f856cf32475ef Sha256: f2f757b9a716b181f8b881b2aa38d787e97f61dfafee7846ac756e84a52b5404
GET /include_files/css/sitelutions1.css HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/css,/;q=0.1 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 200 OK Content-Type: text/css Date: Sat, 13 Jan 2018 21:06:53 GMT Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT Etag: W/"534d3a5a-1068" CF-Cache-Status: HIT Vary: Accept-Encoding Expires: Sun, 14 Jan 2018 01:06:53 GMT Cache-Control: public, max-age=14400 Server: cloudflare CF-RAY: 3dcb526c4658428b-OSL Content-Encoding: gzip --- Additional Info --- Magic: gzip compressed data, from Unix Size: 884 Md5: 9586847b173ab8b35491731920337fb0 Sha1: d34747d0ca1d2a7a70e11918b1e41f89efea0d90 Sha256: 3d04a2e28d2845a3d805cf791efddaaa939acb8e48595938571698ec04716437
GET /image_files/badge_uptime.gif HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 200 OK Content-Type: image/gif Date: Sat, 13 Jan 2018 21:06:53 GMT Content-Length: 1628 Connection: keep-alive Etag: "534d3a5a-65c" Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT Vary: Accept CF-Cache-Status: HIT Expires: Sun, 14 Jan 2018 01:06:53 GMT Cache-Control: public, max-age=14400 Accept-Ranges: bytes Server: cloudflare CF-RAY: 3dcb526c72e24261-OSL --- Additional Info --- Magic: GIF image data, version 89a, 81 x 56 Size: 1628 Md5: a633436813589bbf31b844303f1eede2 Sha1: bd42ab7c643ffe62431d88137eea3e9a2691eae5 Sha256: 0bbfb3ce186026ef3289855acc60f9c926f45ac82374fbc47501ffb4cee92fc2
GET /image_files/logo_bbbonline.gif HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 200 OK Content-Type: image/gif Date: Sat, 13 Jan 2018 21:06:53 GMT Content-Length: 2986 Connection: keep-alive Cf-Bgj: imgq:85 Cf-Polished: origSize=2994 Etag: "534d3a5a-bb2" Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT Vary: Accept CF-Cache-Status: HIT Expires: Sun, 14 Jan 2018 01:06:53 GMT Cache-Control: public, max-age=14400 Accept-Ranges: bytes Server: cloudflare CF-RAY: 3dcb526c71e842af-OSL --- Additional Info --- Magic: GIF image data, version 87a, 128 x 43 Size: 2986 Md5: dd925c1ab4e64f02338da792b99982f4 Sha1: 31d39012caef99c20e3234aecf67e9629021ba11 Sha256: cfc8750cc0b7862e02dd765568291df656bebce63ff2df51096420aa69e6c839
GET /image_files/badge_riskfree.gif HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 200 OK Content-Type: image/gif Date: Sat, 13 Jan 2018 21:06:53 GMT Content-Length: 2459 Connection: keep-alive Etag: "534d3a59-99b" Last-Modified: Tue, 15 Apr 2014 13:55:37 GMT Vary: Accept CF-Cache-Status: HIT Expires: Sun, 14 Jan 2018 01:06:53 GMT Cache-Control: public, max-age=14400 Accept-Ranges: bytes Server: cloudflare CF-RAY: 3dcb526c77734279-OSL --- Additional Info --- Magic: GIF image data, version 89a, 70 x 68 Size: 2459 Md5: dc2c14ece85d88b7d7ae5d0aa8d817ae Sha1: 5afcb2aa536fce8e56cac709e3c78cdef6433589 Sha256: 818d9723e97627fd28456fe7cb539237347f560e16a26d953504787aeed712aa
GET /image_files/sl_logo.png HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 200 OK Content-Type: image/png Date: Sat, 13 Jan 2018 21:06:53 GMT Content-Length: 6035 Connection: keep-alive Cf-Bgj: imgq:85 Cf-Polished: pngoptimizer, origSize=8913 Etag: "534d3a5a-22d1" Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT Vary: Accept CF-Cache-Status: HIT Expires: Sun, 14 Jan 2018 01:06:53 GMT Cache-Control: public, max-age=14400 Accept-Ranges: bytes Server: cloudflare CF-RAY: 3dcb526c969b428b-OSL --- Additional Info --- Magic: PNG image, 300 x 58, 8-bit/color RGBA, non-interlaced Size: 6035 Md5: 72070a5afb3a8fcab6258da8d95f59fe Sha1: a2e91e3010a3035ad7061862ae03970e90fec6f3 Sha256: 558d3ca2ab63f2aa74754f9a0db9c6750acff90de3b578bd0a6307b8df12b0f7
GET /image_files/bg-blurbs-dm.jpg HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sat, 13 Jan 2018 21:06:53 GMT Content-Length: 6321 Connection: keep-alive Cf-Bgj: imgq:85 Cf-Polished: degrade=85, origSize=10926 Etag: "534d3a5a-2aae" Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT Vary: Accept CF-Cache-Status: HIT Expires: Sun, 14 Jan 2018 01:06:53 GMT Cache-Control: public, max-age=14400 Accept-Ranges: bytes Server: cloudflare CF-RAY: 3dcb526c978d4279-OSL --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02 Size: 6321 Md5: 6250ab3f8424c925a58777f392099643 Sha1: a49557a9fef182dcfc519ca67c64ec03f49a774f Sha256: a3baf0ab8c1cd9643a454e5e1f392b760d4fa28337f5a90b52aa1c9f0c13b11c
GET /image_files/bg-blurbs-bm.jpg HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sat, 13 Jan 2018 21:06:53 GMT Content-Length: 7458 Connection: keep-alive Cf-Bgj: imgq:85 Cf-Polished: degrade=85, origSize=13308 Etag: "534d3a5a-33fc" Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT Vary: Accept CF-Cache-Status: HIT Expires: Sun, 14 Jan 2018 01:06:53 GMT Cache-Control: public, max-age=14400 Accept-Ranges: bytes Server: cloudflare CF-RAY: 3dcb526ca3f84297-OSL --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02 Size: 7458 Md5: c7a8787b14a02c8aca333b572b590d16 Sha1: 1f3b1cee89067a3fba511a83c3c0fc99d9abf083 Sha256: c870cc92adec4d4309725f9368499d63df9cc967d6b4739bd1355807caab8c24
GET /image_files/bg-blurbs-cb.jpg HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sat, 13 Jan 2018 21:06:53 GMT Content-Length: 6005 Connection: keep-alive Cf-Bgj: imgq:85 Cf-Polished: degrade=85, origSize=10253 Etag: "534d3a5a-280d" Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT Vary: Accept CF-Cache-Status: HIT Expires: Sun, 14 Jan 2018 01:06:53 GMT Cache-Control: public, max-age=14400 Accept-Ranges: bytes Server: cloudflare CF-RAY: 3dcb526ca6a7428b-OSL --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02 Size: 6005 Md5: 21693f6672c90890ff18b1a6579da77e Sha1: f6115075757dc2e56aff724574b3d57b7a38334d Sha256: 511cd61bc69c1908fbf2d7a57caa36f5daf17c70dfd75ba3536942ee29738012
GET /image_files/bg-blurbs-is.jpg HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sat, 13 Jan 2018 21:06:53 GMT Content-Length: 6717 Connection: keep-alive Cf-Bgj: imgq:85 Cf-Polished: degrade=85, origSize=12143 Etag: "534d3a5a-2f6f" Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT Vary: Accept CF-Cache-Status: HIT Expires: Sun, 14 Jan 2018 01:06:53 GMT Cache-Control: public, max-age=14400 Accept-Ranges: bytes Server: cloudflare CF-RAY: 3dcb526c92f84261-OSL --- Additional Info --- Magic: JPEG image data, JFIF standard 1.02 Size: 6717 Md5: eb66a88aa6f5263fc8d63b8a7fb6c37d Sha1: ec2ff9f09b26db597326d286e38b63a349f8a264 Sha256: 4480cf0ded2ceafb92369c92d703113730e5e962a1a80ad28966caa9ff4e660f
GET /pagead/show_ads.js HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at	216.58.211.130 HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Timing-Allow-Origin: * Date: Sat, 13 Jan 2018 21:06:53 GMT Expires: Sat, 13 Jan 2018 21:06:53 GMT Cache-Control: private, max-age=3600 Etag: 16792466717804796588 X-Content-Type-Options: nosniff Content-Disposition: attachment; filename="f.txt" Content-Encoding: gzip Server: cafe Content-Length: 18493 X-XSS-Protection: 1; mode=block --- Additional Info --- Magic: gzip compressed data, max compression Size: 18493 Md5: ef4d1ff303784dd9e81134021c21f3a3 Sha1: 14536963708afad84f6d13afd3a2e4d2f7312ede Sha256: 1b8afca8925013f474c8ca140b57d9bad9ef962edf35e7eacaedcdb8baf1120e
GET /redir_not_found/favicon.ico HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 404 Not Found Content-Type: text/html Date: Sat, 13 Jan 2018 21:06:53 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Cache-Status: EXPIRED Vary: Accept-Encoding Expires: Sun, 14 Jan 2018 01:06:53 GMT Cache-Control: public, max-age=14400 Server: cloudflare CF-RAY: 3dcb526c776b4279-OSL Content-Encoding: gzip --- Additional Info --- Magic: gzip compressed data, from Unix Size: 1035 Md5: a80132a2c341218e8d57d9e095169abd Sha1: 34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4 Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39
GET /pagead/js/r20180108/r20170110/show_ads_impl.js HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at	216.58.211.130 HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Timing-Allow-Origin: * Date: Sat, 13 Jan 2018 21:06:54 GMT Expires: Sat, 13 Jan 2018 21:06:54 GMT Cache-Control: private, max-age=1209600 Etag: 14977654137761104608 X-Content-Type-Options: nosniff Content-Disposition: attachment; filename="f.txt" Content-Encoding: gzip Server: cafe Content-Length: 68011 X-XSS-Protection: 1; mode=block --- Additional Info --- Magic: gzip compressed data, max compression Size: 68011 Md5: b20797e7ac5aa25e8cbcab1f722eb8c1 Sha1: 376b329656af9f77696dc3bbe9a630677e6abd13 Sha256: 636fca60752a7d017b039d5d4236fe5a1abfa42b009571ecb4b1ecc75714be45
POST /GTSGIAG3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Content-Length: 107 Content-Type: application/ocsp-request	172.217.20.46 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 13 Jan 2018 21:06:54 GMT Cache-Control: public, max-age=345600 Server: ocsp_responder Content-Length: 463 X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 463 Md5: 63b8bc253701fec4a4b42b144576a5af Sha1: c96cf1960ffd8a88fda111ca0785353a72f80c71 Sha256: ffc8843302d44f3860d8cf9fedf9609527bf2f851d157f45c6192b661849fe13
POST /gsr2 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Content-Length: 112 Content-Type: application/ocsp-request	172.217.20.46 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 13 Jan 2018 21:06:54 GMT Cache-Control: public, max-age=345600 Server: ocsp_responder Content-Length: 468 X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 468 Md5: 6bf50ec404fb4a8b4a94be8390d11938 Sha1: 0caaab7704d6221abc5e0342909a4928cee50b1c Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
POST /GTSGIAG3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Content-Length: 107 Content-Type: application/ocsp-request	172.217.20.46 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 13 Jan 2018 21:06:54 GMT Cache-Control: public, max-age=345600 Server: ocsp_responder Content-Length: 463 X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 463 Md5: cc9b99e5cd1a0d8358a95cf82469b405 Sha1: abd59732bc64c1c36016fd9a844a0d8798faf123 Sha256: 3668ea2e29faa223d5ad9e8b62c0266bd7dd4f6f07829a87072317e1aecb83b4
GET /adsid/integrator.js?domain=domainpark.sitelutions.com HTTP/1.1 Host: adservice.google.no User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at	216.58.211.130 HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." Timing-Allow-Origin: * Cache-Control: private, no-cache, no-store X-Content-Type-Options: nosniff Content-Disposition: attachment; filename="f.txt" Content-Encoding: gzip Date: Sat, 13 Jan 2018 21:06:54 GMT Server: cafe X-XSS-Protection: 1; mode=block Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" Transfer-Encoding: chunked --- Additional Info --- Magic: gzip compressed data, max compression Size: 107 Md5: 5432a558d422eaeaa6f7e8a15c0c1134 Sha1: 252ee6dbb502fd998fbdc5721da5986b877f1c73 Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
POST /ocsp HTTP/1.1 Host: clients1.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Content-Length: 107 Content-Type: application/ocsp-request	172.217.20.46 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 13 Jan 2018 21:06:55 GMT Cache-Control: public, max-age=345600 Server: ocsp_responder Content-Length: 463 X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 463 Md5: 3d87b5a25ef9cab18b3cbb1a807e79db Sha1: 24c8a4a45b08b5457273374d6396b2798b31183e Sha256: d4df403d9972b223c8239306aa478e74141c0830ce3ac1a313c1702754dfa82b
POST / HTTP/1.1 Host: g.symcd.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Content-Length: 115 Content-Type: application/ocsp-request	23.43.139.27 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx/1.10.2 Content-Length: 1391 Content-Transfer-Encoding: binary Cache-Control: max-age=479348, public, no-transform, must-revalidate Last-Modified: Fri, 12 Jan 2018 10:14:07 GMT Expires: Fri, 19 Jan 2018 10:14:07 GMT Date: Sat, 13 Jan 2018 21:06:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 1391 Md5: b782a360b93b63de361e0eb23543738a Sha1: 19ceb6b5ff416f1c39920f7b9c5f13529ca5c471 Sha256: 19918dbd8a911df022890986ec165e3b9fdcc494a5e2cb2d5bb60f8d9e016249
GET /image_files/dot.gif HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/include_files/css/sitelutions1.css Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613	104.20.23.95 HTTP/1.1 200 OK Content-Type: image/gif Date: Sat, 13 Jan 2018 21:06:55 GMT Content-Length: 36 Connection: keep-alive Cf-Bgj: imgq:85 Cf-Polished: origSize=44 Etag: "534d3a5a-2c" Last-Modified: Tue, 15 Apr 2014 13:55:38 GMT CF-Cache-Status: HIT Vary: Accept-Encoding Expires: Sun, 14 Jan 2018 01:06:55 GMT Cache-Control: public, max-age=14400 Accept-Ranges: bytes Server: cloudflare CF-RAY: 3dcb526c920242af-OSL --- Additional Info --- Magic: GIF image data, version 87a, 3 x 3 Size: 36 Md5: e1f94d1ab145619799ea4933d1615db0 Sha1: 79541b4c6d0d6996f37e344139a374c7225ee681 Sha256: 0cabaf36aa26692377d96cb1a6ff6b6daa97817156b352793bb76119a00e4653
GET /pagead/html/r20180108/r20170110/zrt_lookup.html HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at	216.58.211.130 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Date: Fri, 12 Jan 2018 20:11:55 GMT Expires: Fri, 26 Jan 2018 20:11:55 GMT Etag: 17582403666037489517 X-Content-Type-Options: nosniff Content-Encoding: gzip Server: cafe Content-Length: 6816 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=1209600 Age: 89700 Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" --- Additional Info --- Magic: gzip compressed data, max compression Size: 6816 Md5: f1d38e7277050f91ea4311a219bd84af Sha1: eebd06bb40587e88be00e4ce08ec2176c198af7a Sha256: 7bd792e2540f6b173a45c462878b9a435c0842645c242188d7e324a75e173667
GET /pagead/js/r20180108/r20170110/osd.js HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at	216.58.211.130 HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Timing-Allow-Origin: * Date: Fri, 12 Jan 2018 20:11:51 GMT Expires: Fri, 26 Jan 2018 20:11:51 GMT Etag: 11980724546551445463 X-Content-Type-Options: nosniff Content-Disposition: attachment; filename="f.txt" Content-Encoding: gzip Server: cafe Content-Length: 30311 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=1209600 Age: 89704 Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" --- Additional Info --- Magic: gzip compressed data, max compression Size: 30311 Md5: f2ead96a634719fba9ad6ca10087a684 Sha1: a4b7e3db95d00de9e1056057c25cb1ac7d51fabe Sha256: 0a825c51fe345a56f5937ea0b4df5fc71bd2d7f27e213b79b51bca8b40c5b875
GET /adsid/integrator.js?domain=domainpark.sitelutions.com HTTP/1.1 Host: adservice.google.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at	216.58.211.130 HTTP/1.1 200 OK Content-Type: application/javascript; charset=UTF-8 P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." Timing-Allow-Origin: * Cache-Control: private, no-cache, no-store X-Content-Type-Options: nosniff Content-Disposition: attachment; filename="f.txt" Content-Encoding: gzip Date: Sat, 13 Jan 2018 21:06:55 GMT Server: cafe X-XSS-Protection: 1; mode=block Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" Transfer-Encoding: chunked --- Additional Info --- Magic: gzip compressed data, max compression Size: 107 Md5: 5432a558d422eaeaa6f7e8a15c0c1134 Sha1: 252ee6dbb502fd998fbdc5721da5986b877f1c73 Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
GET /pagead/ads?client=ca-pub-2844624690808284&output=html&h=90&adk=2796962729&adf=2696856949&w=728&lmt=1515877613&loeid=38893312&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0000FF&color_text=000000&color_url=008000&url=http%3A%2F%2Fdomainpark.sitelutions.com%2Fredir_not_found%2Fredir_not_found.shtml%3Fwww2.joinsmartscanrr.isgre.at&ea=0&flash=10.0.45&wgl=0&dt=1515877613790&bpp=278&fdt=286&idt=490&shv=r20180108&cbv=r20170110&saldr=sa&correlator=76534851150&frm=20&ga_vid=842510833.1515877615&ga_sid=1515877615&ga_hid=562864657&ga_fc=0&pv=2&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=15&ady=552&biw=1176&bih=754&abxe=1&scr_x=0&scr_y=0&eid=38893302%2C21061122%2C191880502%2C370204013&oid=3&nmo=1&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=1075 HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at	216.58.211.130 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * X-Content-Type-Options: nosniff Content-Encoding: gzip Date: Sat, 13 Jan 2018 21:06:55 GMT Server: cafe Cache-Control: private X-XSS-Protection: 1; mode=block Set-Cookie: test_cookie=CheckForPermission; expires=Sat, 13-Jan-2018 21:21:55 GMT; path=/; domain=.doubleclick.net Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" Expires: Sat, 13 Jan 2018 21:06:55 GMT Transfer-Encoding: chunked --- Additional Info --- Magic: gzip compressed data, max compression Size: 82 Md5: 87b49554493c15fb23b8e5d2f13b1ebf Sha1: 328cbcb1c58530fd3f554ca7386ef7a85e1e982f Sha256: 590b4bba70579d67368d97259fc85f56fda4fa5cb82f404fa8ec67a43369db17
GET /pub-config/r20160913/ca-pub-2844624690808284.js HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at	216.58.211.130 HTTP/1.1 200 OK Content-Type: text/javascript Date: Sat, 13 Jan 2018 19:42:55 GMT Expires: Sun, 14 Jan 2018 07:42:55 GMT X-Content-Type-Options: nosniff Content-Encoding: gzip Server: sffe Content-Length: 88 X-XSS-Protection: 1; mode=block Cache-Control: public, max-age=43200 Age: 5040 Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35" --- Additional Info --- Magic: gzip compressed data, max compression Size: 88 Md5: 447300cfe76a026545c27482e7ada077 Sha1: 995fa7efb4f9b8be29ea4c3c69a361e0a1f27ba1 Sha256: 994d8a1f3b94c1b503343b827ffd37a0a2a50015d48a054812591825cc305a40
GET /ga.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at	172.217.20.46 HTTP/1.1 200 OK Content-Type: text/javascript Strict-Transport-Security: max-age=10886400; includeSubDomains; preload Timing-Allow-Origin: * Date: Sat, 13 Jan 2018 20:38:48 GMT Expires: Sat, 13 Jan 2018 22:38:48 GMT Last-Modified: Mon, 13 Nov 2017 20:19:12 GMT X-Content-Type-Options: nosniff Vary: Accept-Encoding Content-Encoding: gzip Server: Golfe2 Content-Length: 17172 Cache-Control: public, max-age=7200 Age: 1687 --- Additional Info --- Magic: gzip compressed data, max compression Size: 17172 Md5: 43adefe535269f3b75e0f229d0dba4d6 Sha1: 5e3bed19757401b3aa6c8ab8b5f26aa17add8a3a Sha256: fc7f9d5234f97de0433021d02e8969a93003d90bf16d40a9cb2d8f5c7bfaa398
GET /r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1556583949&utmhn=domainpark.sitelutions.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1176x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Redirect%20Not%20Found%20www2.joinsmartscanrr.isgre.at&utmhid=562864657&utmr=-&utmp=%2Fredir_not_found%2Fredir_not_found.shtml%3Fwww2.joinsmartscanrr.isgre.at&utmht=1515877615368&utmac=UA-9495639-6&utmcc=__utma%3D90851141.116884710.1515877615.1515877615.1515877615.1%3B%2B__utmz%3D90851141.1515877615.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1105581248&utmredir=1&utmu=DBAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://domainpark.sitelutions.com/redir_not_found/redir_not_found.shtml?www2.joinsmartscanrr.isgre.at	172.217.20.46 HTTP/1.1 200 OK Content-Type: image/gif Access-Control-Allow-Origin: * Date: Sat, 13 Jan 2018 21:06:55 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate Last-Modified: Sun, 17 May 1998 03:00:00 GMT X-Content-Type-Options: nosniff Server: Golfe2 Content-Length: 35 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1 Size: 35 Md5: 28d6814f309ea289f847c69cf91194c6 Sha1: 0f4e929dd5bb2564f7ab9c76338e04e292a42ace Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /redir_not_found/favicon.ico HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613; __utma=90851141.116884710.1515877615.1515877615.1515877615.1; __utmb=90851141.1.10.1515877615; __utmc=90851141; __utmz=90851141.1515877615.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt=1	104.20.23.95 HTTP/1.1 404 Not Found Content-Type: text/html Date: Sat, 13 Jan 2018 21:06:55 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Cache-Status: HIT Vary: Accept-Encoding Expires: Sun, 14 Jan 2018 01:06:55 GMT Cache-Control: public, max-age=14400 Server: cloudflare CF-RAY: 3dcb527860694279-OSL Content-Encoding: gzip --- Additional Info --- Magic: gzip compressed data, from Unix Size: 1035 Md5: a80132a2c341218e8d57d9e095169abd Sha1: 34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4 Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39
GET /redir_not_found/favicon.ico HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613; __utma=90851141.116884710.1515877615.1515877615.1515877615.1; __utmb=90851141.1.10.1515877615; __utmc=90851141; __utmz=90851141.1515877615.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt=1	104.20.23.95 HTTP/1.1 404 Not Found Content-Type: text/html Date: Sat, 13 Jan 2018 21:06:56 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Cache-Status: HIT Vary: Accept-Encoding Expires: Sun, 14 Jan 2018 01:06:56 GMT Cache-Control: public, max-age=14400 Server: cloudflare CF-RAY: 3dcb527f22374297-OSL Content-Encoding: gzip --- Additional Info --- Magic: gzip compressed data, from Unix Size: 1035 Md5: a80132a2c341218e8d57d9e095169abd Sha1: 34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4 Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39
GET /redir_not_found/favicon.ico HTTP/1.1 Host: domainpark.sitelutions.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: __cfduid=da1127a78b447fc01421d634b979fedbf1515877613; __utma=90851141.116884710.1515877615.1515877615.1515877615.1; __utmb=90851141.1.10.1515877615; __utmc=90851141; __utmz=90851141.1515877615.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none); __utmt=1	104.20.23.95 HTTP/1.1 404 Not Found Content-Type: text/html Date: Sat, 13 Jan 2018 21:06:56 GMT Transfer-Encoding: chunked Connection: keep-alive CF-Cache-Status: HIT Vary: Accept-Encoding Expires: Sun, 14 Jan 2018 01:06:56 GMT Cache-Control: public, max-age=14400 Server: cloudflare CF-RAY: 3dcb527f34e3428b-OSL Content-Encoding: gzip --- Additional Info --- Magic: gzip compressed data, from Unix Size: 1035 Md5: a80132a2c341218e8d57d9e095169abd Sha1: 34301e3ffbb6f9c6e3ad57d2d29ae9a71bb941b4 Sha256: 1c78658fcb8324240196b8db69e1353002a4751ac2ab342e8c4ad63eaa4d6f39