Overview

URL dfarq.homeip.net
IP 99.161.81.76
ASN AS7018 AT&T Services, Inc.
Location United States
Report completed 2018-09-05 23:19:02 CEST
urlQuery Alerts DynDNS domain detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 2 reports on IP: 99.161.81.76

Date | UQ / IDS / BL | URL | IP
2018-08-22 04:56:36 +0200 | 24 - 0 - 0 | dfarq.homeip.net | 99.161.81.76
2018-08-09 15:53:50 +0200 | 32 - 0 - 0 | https://dfarq.homeip.net/intel-nic-vs-realtek/ | 99.161.81.76

Last 10 reports on ASN: AS7018 AT&T Services, Inc.

Date | UQ / IDS / BL | URL | IP
2018-09-20 22:38:39 +0200 | 0 - 0 - 0 | 12.233.99.177 | 12.233.99.177
2018-09-19 17:13:37 +0200 | 0 - 0 - 0 | SweetC@mcohio.org | 12.197.122.54
2018-09-17 11:55:27 +0200 | 0 - 0 - 0 | 12.205.40.83 | 12.205.40.83
2018-09-17 11:10:01 +0200 | 0 - 0 - 0 | supplyhq.com | 12.28.254.35
2018-09-17 11:08:11 +0200 | 0 - 0 - 0 | 12.11.110.19 | 12.11.110.19
2018-09-17 11:01:19 +0200 | 0 - 0 - 0 | supplyhq.com | 12.28.254.35
2018-09-17 10:47:11 +0200 | 0 - 0 - 0 | https://thestudy.us/~rupton/protected/photos/ (...) | 104.6.234.145
2018-09-17 10:24:51 +0200 | 0 - 0 - 0 | iome-mindoverstress-highmarkwpa.com | 157.154.4.237
2018-09-17 10:05:18 +0200 | 0 - 0 - 0 | www.supplyhq.com | 12.28.254.35
2018-09-09 18:11:08 +0200 | 0 - 0 - 0 | supplyhq.com | 12.28.254.35

Last 6 reports on domain: dfarq.homeip.net

Date | UQ / IDS / BL | URL | IP
2018-08-22 04:56:36 +0200 | 24 - 0 - 0 | dfarq.homeip.net | 99.161.81.76
2018-08-09 15:53:50 +0200 | 32 - 0 - 0 | https://dfarq.homeip.net/intel-nic-vs-realtek/ | 99.161.81.76
2018-03-17 07:34:01 +0100 | 3 - 0 - 0 | dfarq.homeip.net | 47.50.229.186
2018-01-31 16:08:01 +0100 | 8 - 0 - 0 | dfarq.homeip.net | 47.50.229.186
2017-11-10 11:08:33 +0100 | 7 - 0 - 0 | dfarq.homeip.net | 47.50.229.186
2017-11-08 10:29:50 +0100 | 8 - 0 - 0 | dfarq.homeip.net | 47.50.229.186


JavaScript

Executed Scripts (38)


Executed Evals (2)

#1 JavaScript::Eval (size: 17, repeated: 1) - SHA256: 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061

                                        /*@cc_on!@*/
false
                                    

#2 JavaScript::Eval (size: 128, repeated: 1) - SHA256: 291096963c0835784636e9d2975d6a6c43b551e3a94fe336739a8c784fdb0612

                                        var date = new Date(new Date().getTime() + 365 * 24 * 60 * 60 * 1000);
document.cookie = "paddos_hYPC7=1; path=/; expires=" + date.toUTCString();
                                    

Executed Writes (4)

#1 JavaScript::Write (size: 624, repeated: 1) - SHA256: 403084cb3757340d602956e5a8e6133f5b87322e11f39a419f351242dd78c5cc

<!doctype html><html><body><iframe style="display:none"
data-ad-client="ca-pub-1206412096564341"
id="google_esf"
name="google_esf"
src="https://googleads.g.doubleclick.net/pagead/html/r20180829/r20180604/zrt_lookup.html#"></iframe><script>google_iframe_start_time=new Date().getTime();google_async_iframe_id="aswift_0";</script><script>window.google_process_slots = function() {
    window.google_sa_impl({
        iframeWin: window,
        pubWin: window.parent,
        vars: window.parent['google_sv_map']['aswift_0']
    });
};</script><script src="https://pagead2.googlesyndication.com/pagead/js/r20180829/r20180604/show_ads_impl.js"></script></body></html>
                                    

#2 JavaScript::Write (size: 420, repeated: 1) - SHA256: 2084260d3bda1ed003c4edd18dfa250cf5af4b662cfa38da0b3e4a07f7f11795

<!doctype html><html><body><script>google_iframe_start_time = new Date().getTime();
google_async_iframe_id = "aswift_1";</script><script>window.google_process_slots=function(){window.google_sa_impl({iframeWin: window, pubWin: window.parent, vars: window.parent['google_sv_map']['aswift_1']});};</script><script src="https://pagead2.googlesyndication.com/pagead/js/r20180829/r20180604/show_ads_impl.js"></script></body></html>
                                    

#3 JavaScript::Write (size: 1330, repeated: 1) - SHA256: 0a7bae2a7318fdc9a0cb710e059e034ff9693af4b63892eab5fc7979442dc09d

<iframe id = "google_ads_frame1"
name = "google_ads_frame1"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206412096564341&amp;output=html&amp;adk=1812271804&amp;adf=807048394&amp;lmt=1536182313&amp;plat=1%3A1081352%2C2%3A1081352%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1048576&amp;guci=1.2.0.0.2.2.0&amp;format=0x0&amp;url=https%3A%2F%2Fdfarq.homeip.net%2F&amp;ea=0&amp;flash=10.0.45&amp;pra=5&amp;wgl=0&amp;dt=1536182315646&amp;bpp=2823&amp;fdt=2825&amp;idt=2921&amp;shv=r20180829&amp;cbv=r20180604&amp;saldr=aa&amp;abxe=1&amp;prev_fmts=300x600&amp;nras=1&amp;correlator=4537786050938&amp;frm=20&amp;pv=1&amp;ga_vid=1331961006.1536182317&amp;ga_sid=1536182317&amp;ga_hid=2028969598&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=120&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=0&amp;ady=0&amp;biw=1159&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=21060849&amp;oid=3&amp;rx=0&amp;eae=6&amp;fc=1808&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7Cs%7C&amp;abl=NS&amp;ppjl=u&amp;fu=16&amp;bc=1&amp;ifi=1&amp;dtd=2936"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true"></iframe>
                                    

#4 JavaScript::Write (size: 1270, repeated: 1) - SHA256: 63d9960c2756c4603dfec7e34511544155cf4ac1300555e5fb57f95c0a9a7523

<iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "300"
height = "600"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1206412096564341&amp;output=html&amp;h=600&amp;slotname=5262998154&amp;adk=1333382682&amp;adf=807048394&amp;w=300&amp;lmt=1536182313&amp;guci=1.2.0.0.2.2.0&amp;format=300x600&amp;url=https%3A%2F%2Fdfarq.homeip.net%2F&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;dt=1536182315646&amp;bpp=172&amp;fdt=184&amp;idt=894&amp;shv=r20180829&amp;cbv=r20180604&amp;saldr=aa&amp;abxe=1&amp;correlator=4537786050938&amp;frm=20&amp;pv=2&amp;ga_vid=1331961006.1536182317&amp;ga_sid=1536182317&amp;ga_hid=2028969598&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=120&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=787&amp;ady=881&amp;biw=1159&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=21060849&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=1808&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7Cbr%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=1&amp;dtd=1434"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true"></iframe>
                                    


HTTP Transactions (70)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: dfarq.homeip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         99.161.81.76
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 05 Sep 2018 21:18:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,Cookie
X-Frame-Options: sameorigin
X-XRDS-Location: https://dfarq.homeip.net/?xrds
X-Yadis-Location: https://dfarq.homeip.net/?xrds
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Location: https://dfarq.homeip.net/
Cache-Control: max-age=1209600
Expires: Wed, 19 Sep 2018 21:18:29 GMT
Content-Length: 0
Keep-Alive: timeout=5, max=150


--- Additional Info ---

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "8975C92FECDA054C4C2F23B8C283942C58B526E13782BC8D02F9303D98EB683E"
Last-Modified: Mon, 03 Sep 2018 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43200
Expires: Thu, 06 Sep 2018 09:18:31 GMT
Date: Wed, 05 Sep 2018 21:18:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    07020af47e33ad930b3c54dd91a37a87
Sha1:   ee1a2513b297ab492aa8623ee38bbad465f84215
Sha256: 8975c92fecda054c4c2f23b8c283942c58b526e13782bc8d02f9303d98eb683e
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.113
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Sun, 02 Sep 2018 09:47:23 GMT
Etag: "a1223f9be1f70ba0a774c008845dd0596d65ee2c"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=4621
Expires: Wed, 05 Sep 2018 22:35:32 GMT
Date: Wed, 05 Sep 2018 21:18:31 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    e8d2fc1fa0daf4655d65e190d388df63
Sha1:   a1223f9be1f70ba0a774c008845dd0596d65ee2c
Sha256: dda2d7d8dba6c9761ad58e807299649f675119cad66305228369af99e29392d2
                                        
                                            GET / HTTP/1.1 
Host: dfarq.homeip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         99.161.81.76
HTTP/1.1 200 OK
Content-Type: text/html; charset="UTF-8"
                                        
Date: Wed, 05 Sep 2018 21:18:31 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,Cookie
X-Frame-Options: sameorigin
X-XRDS-Location: https://dfarq.homeip.net/?xrds
X-Yadis-Location: https://dfarq.homeip.net/?xrds
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Link: <https://dfarq.homeip.net/wp-json/>; rel="https://api.w.org/", <https://wp.me/16tZM>; rel=shortlink
Cache-Control: max-age=1209600
Expires: Wed, 19 Sep 2018 21:18:31 GMT
Content-Encoding: gzip
Content-Length: 12721
Keep-Alive: timeout=5, max=150


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   12721
Md5:    79181fe25a60ba7f11aadc12ce0f93e2
Sha1:   067eccc5b1f42338c0791cc128b935445e43fe7f
Sha256: 4899c9f4be5c7656f68938e2540e0c26f1659f3b104d3979812ca3382888204a

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=161928
Date: Wed, 05 Sep 2018 21:18:34 GMT
Etag: "5b8ff25b-1d7"
Expires: Fri, 07 Sep 2018 18:14:04 GMT
Last-Modified: Wed, 05 Sep 2018 15:12:27 GMT
Server: ECS (arn/4692)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    5ccbd02f32c88dda850bd789315f3905
Sha1:   8179ff7f28300ff2ad2f88505188d556644df07d
Sha256: b26bc16b253095bdb218cfa3ecbdbec879932e2b39bcb3c0842f24c1b1b9935b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=164566
Date: Wed, 05 Sep 2018 21:18:34 GMT
Etag: "5b90071a-1d7"
Expires: Fri, 07 Sep 2018 18:48:27 GMT
Last-Modified: Wed, 05 Sep 2018 16:40:58 GMT
Server: ECS (arn/469D)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    7d8c265244654246bd1cb859f11b2e39
Sha1:   9ea1b91f4f317a30e0adea54354c81882644b7a6
Sha256: 35ab3f53a87209e79fcf10813f77a251e96dcbbc12fea6585b31d95e6ea1fe10
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=ebcc0ee745edd00712d66f1a10a83f13 HTTP/1.1 
Host: dfarq.homeip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 02 Aug 2018 23:03:12 GMT
Etag: "2efa-5727bd0c939dd-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Wed, 19 Sep 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 4382
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4382
Md5:    fe05400b94a75668a17a99986b4658c3
Sha1:   3b1592b054709be35f5a809244e1117dcb02633e
Sha256: aad5379b020a7c8e338871e1dd0090f6dde8662a1f2053cce95c0fcbcf412116

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Sep 2018 21:18:34 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    2ecc23230812bc282a6aad91266d3bf8
Sha1:   04a6a4b80c29f04d6978b41bde259bf2ea665201
Sha256: 978caa4b02a36508b986ea197bf6de4a899f3a54591fbd85863629cda12f5720
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Sep 2018 21:18:34 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 05 Sep 2018 21:18:34 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    797272a1367725de8f3bb990749474e7
Sha1:   3684810fa8bb5869a2862c1e880e490599c208f7
Sha256: ecdc49b161cc780ccaa8ef32feb9200dfbd9305c73703fd497d39315ea11dbc0
                                        
                                            GET /wp-content/plugins/jetpack/modules/widgets/social-icons/social-icons.css?ver=20170506 HTTP/1.1 
Host: dfarq.homeip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         99.161.81.76
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 05 Sep 2018 11:03:12 GMT
Etag: "579-5751db86de6e3-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Fri, 05 Oct 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 563
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   563
Md5:    2b62a39a8a5c29f7fc3dc609d4285786
Sha1:   899177315f84ed71d383543e5330c9ccf351f02f
Sha256: 584c70da46de01687d5d0adc734db51efc460eb7e3d402473321c305c90c3886

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /widgets.js HTTP/1.1 
Host: platform.twitter.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         93.184.220.66
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Content-Encoding: gzip
Cache-Control: public, max-age=1800
Date: Wed, 05 Sep 2018 21:18:34 GMT
Etag: "b0c8c069d8e1d8c49505858350674e7b+gzip"
Last-Modified: Thu, 30 Aug 2018 23:33:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (arn/46CF)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 35615


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Fri Aug 31 01:33:11 2018
Size:   35615
Md5:    aadbffe3ba54cd391a26ce7c8093f1da
Sha1:   8ab7479e8398ef675c426d334b32d6e29a9c4cae
Sha256: 81c4073637c259b16bc9a09bddef9c6b0ee92e75291698eab8c9721b91823ce2
                                        
                                            GET /css?family=Roboto%3A400%2C300%2C100%7CRoboto+Slab%3A700%2C400&ver=ebcc0ee745edd00712d66f1a10a83f13 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         216.58.211.138
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Wed, 05 Sep 2018 21:18:34 GMT
Date: Wed, 05 Sep 2018 21:18:34 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   322
Md5:    edf6b2e84daf097238d72596d5b8876b
Sha1:   a81b5762917131eb60f23ba978f13176e331426a
Sha256: a9255ae9342fc667e1404411111149ae0754595c1e850e6c68b72beb6d195773
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 05 Sep 2018 21:18:34 GMT
Expires: Wed, 05 Sep 2018 21:18:34 GMT
Cache-Control: private, max-age=3600
Etag: 3451209515365972428
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   27329
Md5:    570fd766c69270a13276659cb1bee6cc
Sha1:   ec0abdfe16af93bd35f58af15a31e8e96470ca60
Sha256: ce53839cc3d74e46696fc6e2c352e7d0a979aa50e86b64e94c11153ad28a1984
                                        
                                            GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=ebcc0ee745edd00712d66f1a10a83f13 HTTP/1.1 
Host: dfarq.homeip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         99.161.81.76
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 11 Jun 2018 11:03:11 GMT
Etag: "ac0-56e5bb20e4586-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Fri, 05 Oct 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 917
Keep-Alive: timeout=5, max=150


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   917
Md5:    3ce56405b9b26eff0c18da40b6f286bb
Sha1:   b0283b0b79553014778c73ad77a00cbee98ef52b
Sha256: fa2e9a478d177b9e48e6004a3e2a8bbf3beac6f2573a6cdaab3cc5d01a6f7dda

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /wp-content/plugins/jetpack/css/jetpack.css?ver=6.5 HTTP/1.1 
Host: dfarq.homeip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         99.161.81.76
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 05 Sep 2018 11:03:12 GMT
Etag: "10948-5751db8721d02-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Fri, 05 Oct 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 12051
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   12051
Md5:    fe99202dce2d98611d0803f239729bb1
Sha1:   0594f0dc1255317ac03cd4efa5ed8557163c6b7a
Sha256: 98f47440e372b3c73d604589a4915b83639ffcb74a30c6c0e30b6d8bb17097b7

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: dfarq.homeip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 09 Jul 2016 17:08:55 GMT
Etag: "2748-53736f9674f9c-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Wed, 19 Sep 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 4014
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4014
Md5:    a6c81e2f02bd04160d2de88c4e8f3559
Sha1:   e3f3c91427d785820ca97dabe738f01faf041f36
Sha256: b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /wp-content/themes/accelerate/fontawesome/css/font-awesome.css?ver=4.7.0 HTTP/1.1 
Host: dfarq.homeip.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         99.161.81.76
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 27 May 2018 13:58:31 GMT
Etag: "9220-56d30656dd8b0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Fri, 05 Oct 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 7438
Keep-Alive: timeout=5, max=150


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7438
Md5:    a3da2d958751f0b1fe34226e55ccc6e2
Sha1:   fe26fe97513deecf856918d339d8140e0e33d44e
Sha256: a3c413b67d819ffd1df4c0c360bc34fb6fb2f4234c58a0358d0e0fb6edbd0bb9

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /wp-content/themes/accelerate/style.css?ver=ebcc0ee745edd00712d66f1a10a83f13 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 27 May 2018 13:58:31 GMT
Etag: "b2e8-56d30656d9a30-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Fri, 05 Oct 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 9718
Keep-Alive: timeout=5, max=150


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   9718
Md5:    527ff9441490a5c26921d31de7baf395
Sha1:   3959a8157ad5727bb1b957c994b748bba9b0d54a
Sha256: a3cdb7551c717e10ea6cd20fd4845ec5e7fc78c19603bab783514b1c46a1f2cd

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /wp-content/plugins/popular-posts-tab-widget-for-jetpack/tab.css?ver=ebcc0ee745edd00712d66f1a10a83f13 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 08 Aug 2016 03:36:32 GMT
Etag: "924-539871f57d251-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Fri, 05 Oct 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 690
Keep-Alive: timeout=5, max=150


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   690
Md5:    16fb5bcc6a9a61894715e7ee892c3fa9
Sha1:   7cef39fddb7ee283b9a78fd9da4f8c9230995ff6
Sha256: 3b89ca03caa06d8f67f86fd610b4a5b992319336f0f55eaacbf08f44ec95d401

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /wp-includes/css/dashicons.min.css?ver=ebcc0ee745edd00712d66f1a10a83f13 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: text/css
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 17 Nov 2017 04:01:41 GMT
Etag: "b518-55e25cb4c35f7-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Fri, 05 Oct 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 28645
Keep-Alive: timeout=5, max=150


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   28645
Md5:    2088c619661b6f5bf07fd11ebd653425
Sha1:   2a21899f1fa61c7c199c7f63885fed2d002adb35
Sha256: 792217e1d2d81061985100588cc7327f6b42c461b524cc8428bb5e9019684c0a

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=1.2.44 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 11 Jun 2018 11:03:11 GMT
Etag: "14f0-56e5bb20e5526-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Wed, 19 Sep 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 1217
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1217
Md5:    4708b0d92e1e79fb2d7c55977533c0ca
Sha1:   a209cf989ea4aaa196874a0e69a87c213a62015a
Sha256: 7db169e5156d268614a420b8de31c2e7f8c17c61745dcb014ccaef55b901c7f5

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 09 Jul 2016 17:08:55 GMT
Etag: "17ba0-53736f9673ffc-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Wed, 19 Sep 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 33766
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   33766
Md5:    d417f4d673009b01654915bbf1f4f872
Sha1:   f432ea8e89e5f4ef50e506019899e539a068f415
Sha256: 24560d81ded58e8befabf32ff51f5b6ae6f21eead0a5f87c255e3b47b988d1cc

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /wp-content/plugins/popular-posts-tab-widget-for-jetpack/tab.js?ver=ebcc0ee745edd00712d66f1a10a83f13 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 08 Aug 2016 03:36:32 GMT
Etag: "7f8-539871f57d251-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Wed, 19 Sep 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 814
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   814
Md5:    24479b829bd01d08ef056575220d65f9
Sha1:   5c3ddfb311189205965696a8860c8ca71bf49b59
Sha256: 704c3ae63cf4745915854afdac70922f0f640748842543d7f0d93d40f3e43c3d

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /wp-content/themes/accelerate/js/accelerate-custom.js?ver=ebcc0ee745edd00712d66f1a10a83f13 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 27 May 2018 13:58:31 GMT
Etag: "18f-56d30656dd8b0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Wed, 19 Sep 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 215
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   215
Md5:    0959fa2e78e9de7b1851ecffc83df6c9
Sha1:   1eb6309d7a6a583aac95559579e524fc8471ac9e
Sha256: af9e3d382ee0651536ff8a9bbe70c17f04fd55e851181cae643328c0516c2013

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
50.63.243.230
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Sep 2018 21:18:35 GMT
Server: Apache
Content-Transfer-Encoding: Binary
Cache-Control: max-age=107652, public, no-transform, must-revalidate
Last-Modified: Wed, 05 Sep 2018 16:47:13 GMT
Expires: Fri, 07 Sep 2018 04:47:13 GMT
Etag: "4b799665423e3157cee59da8435e11951d93a8db"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
Content-Length: 1776
Connection: close


--- Additional Info ---
Magic:  data
Size:   1776
Md5:    4f9dcaa516c3c155b4d962d2686718fc
Sha1:   4b799665423e3157cee59da8435e11951d93a8db
Sha256: a7f8dfc6cb4aaf6e40ee1422a62d1209b1457f0db3a7d9fdd4896ed81da54a68
                                        
GET /wp-content/plugins/jetpack/_inc/build/lazy-images/js/lazy-images.min.js?ver=6.5 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 05 Sep 2018 11:03:12 GMT
Etag: "20f6-5751db870e482-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Wed, 19 Sep 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 3064
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3064
Md5:    0b7d89b838cd307e4fc4b0b0e61b6d39
Sha1:   b18c66d6b739696c04aa964f03a20c77ba5ae2d5
Sha256: a62a033855f898b627df7eaf93d00f759bd915b9f65b8c72dedec96d0676d6b5

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /wp-content/themes/accelerate/js/navigation.js?ver=ebcc0ee745edd00712d66f1a10a83f13 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 27 May 2018 13:58:31 GMT
Etag: "adf-56d30656dd8b0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Wed, 19 Sep 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 965
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   965
Md5:    faa2ffd232bc1e52b20b3d26b305fa04
Sha1:   c754bc86bb870471dc9b15556810e29d243ec3eb
Sha256: e0b9bb5d024e0773deff0260881ca27f69498487d56ca7df50b1c7d2852b5a44

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Fri, 31 Aug 2018 05:30:35 GMT
Etag: CC31C8DB824835649B7D584D796C16F695F542E8
X-OCSP-Responder-ID: rmdccaocsp28
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=115369
Expires: Fri, 07 Sep 2018 05:21:24 GMT
Date: Wed, 05 Sep 2018 21:18:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    2f768b04843a52bbbd7339617c05a02d
Sha1:   cc31c8db824835649b7d584d796c16f695f542e8
Sha256: f1112f77b28f96a2285577ace917fb811c6377d9b574c0fe0080c1f65183b2a0
                                        
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Thu, 30 Aug 2018 11:00:19 GMT
Etag: 11F80D8C34A2F6DA51032BB33E0A1917EDB0629D
X-OCSP-Responder-ID: rmdccaocsp14
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=48714
Expires: Thu, 06 Sep 2018 10:50:29 GMT
Date: Wed, 05 Sep 2018 21:18:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    61a19390f682f57d8a4db0c5b08ec24e
Sha1:   11f80d8c34a2f6da51032bb33e0a1917edb0629d
Sha256: fa1383c2ddcf3839d6a4c51e6af810b3afd53bff20d57586f97f7b8a935602ca
                                        
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Thu, 30 Aug 2018 11:00:19 GMT
Etag: 82EC813BEC61D8DC27A596B70BDFD6EED82B4EF7
X-OCSP-Responder-ID: rmdccaocsp13
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=48738
Expires: Thu, 06 Sep 2018 10:50:53 GMT
Date: Wed, 05 Sep 2018 21:18:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    2c9803c3f5614bd36755e15a59b4151e
Sha1:   82ec813bec61d8dc27a596b70bdfd6eed82b4ef7
Sha256: f73ba41e8b0976caa4940c7465905260f471a5e8c71ddd76d5c6c49a80bdffd4
                                        
GET /wp-includes/js/wp-embed.min.js?ver=ebcc0ee745edd00712d66f1a10a83f13 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 07 Dec 2016 01:05:21 GMT
Etag: "576-543071d79848f-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Wed, 19 Sep 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 751
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   751
Md5:    7542039ce963ffd18ad4fb7be13bd2be
Sha1:   8385e433e8e65739fc27b6bd16b1a7ae71b11084
Sha256: a70bca1336a4ac7592ce631cbb22c9ebb01d60461d221ac7a46f91a4ccfd1255

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Length: 282
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   282
Md5:    cb0db2be1748533b7901b69f04baa66d
Sha1:   a091d9e16134e5da95bb57ecc52b523bbbf86ab0
Sha256: 483c05dd9ba03dc4fe2c2470eab671c29bef47d6d5a081a50f71801dee69eff3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20130122 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 05 Sep 2018 11:03:12 GMT
Etag: "244-5751db870f422-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Wed, 19 Sep 2018 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 356
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   356
Md5:    19c91e0719a56fe6d4256cc271904747
Sha1:   689836dd9728676d1afbf6e86344df20bc81d6b4
Sha256: 4f8f616ede05ad0ac39b249b142e20086bbdc38cb455670f074f4692b24c590f

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /wp-includes//images/wpspin-2x.gif HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Wed, 05 Sep 2018 21:18:34 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 28 Oct 2014 22:02:22 GMT
Etag: "23ad-50682cd36f780-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=84600, public
Expires: Thu, 05 Sep 2019 21:18:34 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
Content-Length: 8288
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8288
Md5:    6f09f56d300589f56516152d22428b94
Sha1:   d25759607ec390a165c6a726ec33b222a4065691
Sha256: 715d4eec39e4054d7bbfcee37a53c8b570d1a9ddb5141cca9322cdc1054494a0

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /e-201836.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
192.0.76.3
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx
Date: Wed, 05 Sep 2018 21:18:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5abc2267-32a7"
Content-Encoding: gzip
Expires: Fri, 30 Aug 2019 12:23:51 GMT
Cache-Control: max-age=31536000


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2892
Md5:    cfa9e9af1ab5a31efabccf051d345999
Sha1:   d06f971730222dac1e055b6951437a10c59a8c20
Sha256: 25f90d28ef3c41ea5940f2db37013b71cc6dfdc3fec7e47fbf28b3511e459803
                                        
GET /wp-content/js/devicepx-jetpack.js?ver=201836 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
192.0.77.32
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx
Date: Wed, 05 Sep 2018 21:18:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5841a56f-52b6"
Content-Encoding: gzip
Expires: Fri, 30 Aug 2019 12:23:51 GMT
Cache-Control: max-age=31536000
X-ac: 4.arn _dca
X-nc: HIT arn 32


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3163
Md5:    844b0e2ae8eba4159dd5edd8efbde50c
Sha1:   757861da25bea58b1bc03203f65ae93673cfc065
Sha256: ef84d445c23339e2c3742857d7e020c89d639f1ddc434b6f6a585ac9907bbb92
                                        
GET /ti.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
104.16.88.26
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Wed, 05 Sep 2018 21:18:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dbf37a691d2f39f1ef57e104b0c3825991536182315; expires=Thu, 05-Sep-19 21:18:35 GMT; path=/; domain=.tynt.com; HttpOnly
Last-Modified: Tue, 10 Apr 2018 18:36:40 GMT
Vary: Accept-Encoding
Etag: W/"5acd0438-ad74"
Content-Encoding: gzip
CF-Cache-Status: HIT
Expires: Sat, 08 Sep 2018 21:18:35 GMT
Cache-Control: public, max-age=259200
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 455bbab05a3a427f-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   15759
Md5:    72911a541e41fa4ce2e5edd90f1bf9d4
Sha1:   6cf9e7331d5f068385f434a08f1f9b4c9e54344e
Sha256: fad856840608d1ccf9d95630882181478bdac709a850dc8e42a131fcfdf7a46b
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.20.46
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Sep 2018 21:18:35 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    c5a88029b9e22bdc39111d1b1f5cefbe
Sha1:   89fed431b9db86bb969a0e92a2335dc6086e37ca
Sha256: 45e064ddb81acaf2937ffd58dcbd71cc2f9b6cb29e9f17ed572a051d82547318
                                        
GET /image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7 HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
99.161.81.76
HTTP/1.1 403 Forbidden
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 05 Sep 2018 21:18:35 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Length: 282
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   282
Md5:    cb0db2be1748533b7901b69f04baa66d
Sha1:   a091d9e16134e5da95bb57ecc52b523bbbf86ab0
Sha256: 483c05dd9ba03dc4fe2c2470eab671c29bef47d6d5a081a50f71801dee69eff3

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc-.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C100%7CRoboto+Slab%3A700%2C400&ver=ebcc0ee745edd00712d66f1a10a83f13
Origin: https://dfarq.homeip.net

                                         
216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19916
Date: Sat, 25 Aug 2018 03:20:04 GMT
Expires: Sun, 25 Aug 2019 03:20:04 GMT
Last-Modified: Mon, 16 Oct 2017 17:32:44 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1015112
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   19916
Md5:    a1471d1d6431c893582a5f6a250db3f9
Sha1:   ff5673d89e6c2893d24c87bc9786c632290e150e
Sha256: 3ab30e780c8b0bcc4998b838a5b30c3bfe28edead312906dc3c12271fae0699a
                                        
                                            GET /script/sc/d8BvuGGy4r5QXWrkHcnlKl.js HTTP/1.1 
Host: sc.tynt.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=dbf37a691d2f39f1ef57e104b0c3825991536182315

                                         
                                         104.16.88.26
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Date: Wed, 05 Sep 2018 21:18:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Status: 200 OK
X-Rack-Cache: fresh
Cache-Control: max-age=86400, public, s-maxage=172800
Last-Modified: Sun, 02 Sep 2018 14:16:34 GMT
X-XSS-Protection: 1; mode=block
X-Request-Id: d454c3ab-cf69-44dc-a670-b81b75e327e8
X-Content-Digest: d4de484cbf62fe04549659635aa57de6513b3dd5
X-Runtime: 0.002539
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Expires: Mon, 03 Sep 2018 14:24:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 455bbab43ea24285-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   77
Md5:    adbf7db6d23cb992a6c86969392098b7
Sha1:   77412e41b5627e5ae8fc0fbb01409edee3d97a37
Sha256: 7ca9b92cc2be9795d55bf22101f45b6789f3ac13516fb9246006ecaedfa86d37
                                        
                                            GET /s/robotoslab/v7/BngMUXZYTXPIvIBgJJSb6ufN5qM.woff HTTP/1.1 
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C100%7CRoboto+Slab%3A700%2C400&ver=ebcc0ee745edd00712d66f1a10a83f13
Origin: https://dfarq.homeip.net

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 21700
Date: Tue, 28 Aug 2018 09:35:48 GMT
Expires: Wed, 28 Aug 2019 09:35:48 GMT
Last-Modified: Wed, 11 Oct 2017 18:31:32 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 733368
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   21700
Md5:    a33f5bf82e263ebbf148b6518563a8a6
Sha1:   a75088a46d79d4d04149b931c64aac5e030d69fa
Sha256: f2c510c36ca228b54b4f35a1fdfa6d439432e801ad9d7d7c625e16af8a7c2438
                                        
                                            GET /pagead/js/r20180829/r20180604/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 05 Sep 2018 21:18:36 GMT
Expires: Wed, 05 Sep 2018 21:18:36 GMT
Cache-Control: private, max-age=1209600
Etag: 5361348500264567456
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   74567
Md5:    b3e4f5acd18ce1268c51b0a3742cceb4
Sha1:   cef6abdc363dc6cf4a936365f7465e0fec3a69a6
Sha256: c80c26c48667ebc34f75f9513812522ba2e654c5b2bea6eb010d7f010a3957ae
                                        
                                            GET /pagead/html/r20180829/r20180604/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 30 Aug 2018 04:41:30 GMT
Expires: Thu, 13 Sep 2018 04:41:30 GMT
Etag: 18162506661661110595
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6931
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 578227
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6931
Md5:    5d7f15972eee141e37e377501d936393
Sha1:   f0fc7f15fa0e22d6cd348549faf7168b0a8bceba
Sha256: 29f743f2bf323c5dacbc183c93332149e8013692e837f019015382d88065f6de
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxM.woff HTTP/1.1 
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C100%7CRoboto+Slab%3A700%2C400&ver=ebcc0ee745edd00712d66f1a10a83f13
Origin: https://dfarq.homeip.net

                                         
                                         216.58.211.131
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19824
Date: Tue, 28 Aug 2018 20:12:16 GMT
Expires: Wed, 28 Aug 2019 20:12:16 GMT
Last-Modified: Mon, 16 Oct 2017 17:32:56 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 695180
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  data
Size:   19824
Md5:    bafb105baeb22d965c70fe52ba6b49d9
Sha1:   934014cc9bbe5883542be756b3146c05844b254f
Sha256: 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed
                                        
                                            GET /pagead/js/r20180829/r20180604/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Fri, 31 Aug 2018 12:58:44 GMT
Expires: Fri, 14 Sep 2018 12:58:44 GMT
Etag: 17471946040751784388
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 26596
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 461993
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   26596
Md5:    8b830d8f1fbc5b0ace2be0c279e0a396
Sha1:   cef5b2e66e2b61180dda2df8dcc2739d8544fdf6
Sha256: a2169d8476537cc18b795877bba569a90feafdfca2424483c5a202fae8f2029e
                                        
                                            GET /pub-config/r20160913/ca-pub-1206412096564341.js HTTP/1.1 
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/javascript
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 125
Date: Wed, 05 Sep 2018 21:18:36 GMT
Expires: Thu, 06 Sep 2018 09:18:36 GMT
Cache-Control: public, max-age=43200
Last-Modified: Tue, 04 Sep 2018 22:22:38 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   125
Md5:    21aea2dae0239adff4f9f063cdacfc76
Sha1:   ce64c497ac1dd86393da79e8cea239de113c1de7
Sha256: a59ee78166b8467dd7dd8c7acb03d8df7d16cf4a04f45c8558366df1c33b868f
                                        
                                            GET /wp-content/themes/accelerate/fontawesome/fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1 
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/wp-content/themes/accelerate/fontawesome/css/font-awesome.css?ver=4.7.0

                                         
                                         99.161.81.76
HTTP/1.1 200 OK
Content-Type: application/font-woff
Date: Wed, 05 Sep 2018 21:18:36 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Sun, 27 May 2018 13:58:31 GMT
Etag: "17ee8-56d30656dc910-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=1209600
Expires: Wed, 19 Sep 2018 21:18:36 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   97913
Md5:    e7377da8bfb53ad1fb67de07431e03e5
Sha1:   712d41be5fe0917ce989cc00e6a9115dfcebb1ef
Sha256: 281d55937c8f186620712c6f512f6b7427d371080f2923be3faf9f56c9e067c5

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
                                            GET /deb/v2?id=d8BvuGGy4r5QXWrkHcnlKl&dn=TI&cc=1&r= HTTP/1.1 
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=dbf37a691d2f39f1ef57e104b0c3825991536182315

                                         
                                         208.100.17.187
HTTP/1.1 200
Content-Type: application/javascript
Cache-Control: max-age=86400
Expires: Thu, 06 Sep 2018 21:18:38 GMT
Content-Length: 4
Date: Wed, 05 Sep 2018 21:18:38 GMT
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    350fd6ef6446635f7a8f608434a405ec
Sha1:   a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
Sha256: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
                                        
                                            GET /b/p?id=d8BvuGGy4r5QXWrkHcnlKl&lm=0&ts=1536182315871&dn=TI&iso=0&img=https%3A%2F%2Fi2.wp.com%2Fdfarq.homeip.net%2Fwp-content%2Fuploads%2F2018%2F09%2Fcommodore-1581-drive.jpg%3Ffit%3D640%252C480%26ssl%3D1&t=The%20Silicon%20Underground%20-%20David%20L.%20Farquhar%2C%20computer%20security%20professional%2C%20train%20hobbyist%2C%20and%20landlord&cu=https%3A%2F%2Fdfarq.homeip.net%2F HTTP/1.1 
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=dbf37a691d2f39f1ef57e104b0c3825991536182315

                                         
                                         208.100.17.181
HTTP/1.1 204 No Content
Server: nginx/1.14.0
Date: Wed, 05 Sep 2018 21:18:38 GMT
Connection: close
Set-Cookie: uid=CmUMK1uQSC6EOTjQLb/qAg==; expires=Thu, 05-Sep-19 21:18:38 GMT; domain=tynt.com; path=/
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         195.159.219.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Fri, 31 Aug 2018 09:52:02 GMT
Etag: 738A837A20579B13BA8347B7AA58F4947A7078FD
X-OCSP-Responder-ID: rmdccaocsp24
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=130990
Expires: Fri, 07 Sep 2018 09:41:48 GMT
Date: Wed, 05 Sep 2018 21:18:38 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    bda835036c1483af890663ee818f05ce
Sha1:   738a837a20579b13ba8347b7aa58f4947a7078fd
Sha256: f8530629fb8c0a8bfc6b2eb446fbb468300d52622875ef6fd85edf0c06b9eab5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         195.159.219.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Thu, 30 Aug 2018 11:00:19 GMT
Etag: 53FB013BD50D10F004EF35AB317D71409871D14B
X-OCSP-Responder-ID: rmdccaocsp24
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=48643
Expires: Thu, 06 Sep 2018 10:49:21 GMT
Date: Wed, 05 Sep 2018 21:18:38 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    50adf54196e18d07875711f3f8b9af7c
Sha1:   53fb013bd50d10f004ef35ab317d71409871d14b
Sha256: 49c630a0435cc1d54b48365e2726c7cb768b0ff57a9825f14636d1ff6df7e8dd
                                        
                                            GET /g.gif?v=ext&j=1%3A6.5&blog=16321610&post=0&tz=-5&srv=dfarq.homeip.net&host=dfarq.homeip.net&ref=&rand=0.11782471594638921 HTTP/1.1 
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         192.0.76.3
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx
Date: Wed, 05 Sep 2018 21:18:38 GMT
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
                                        
                                            GET /api/vglnk.js?key=d91942c108fe71c911a7d8ce7bddfaf1 HTTP/1.1 
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         104.16.161.13
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Wed, 05 Sep 2018 21:18:38 GMT
Content-Length: 27815
Connection: keep-alive
Set-Cookie: __cfduid=d5c8b1ca4c47481d5644db67be548e8ed1536182318; expires=Thu, 05-Sep-19 21:18:38 GMT; path=/; domain=.cdn.viglink.com; HttpOnly
x-amz-id-2: ZKxs3MP/xgrfCUWbVE3RaHXo5gxJURFC7079L7I/ksUQMcIqmse3XUjkTE6SajuGiCKsWC43c5I=
x-amz-request-id: 3070EED56D9BFB84
Last-Modified: Thu, 19 Jul 2018 20:17:17 GMT
Etag: "15468e63d7aba3f957c1cb44354bddfa"
Cache-Control: public, max-age=1800
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Wed, 05 Sep 2018 21:48:38 GMT
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 455bbac4db2942a3-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Thu Jul 19 22:10:14 2018
Size:   27815
Md5:    15468e63d7aba3f957c1cb44354bddfa
Sha1:   dc9a8f3af29dfd6adde6f614696bc3748a9bbd83
Sha256: 3400306b8695ff7d54f0a2b82f88b948283df9e7046a4870a462e570a1a2655e
                                        
                                            GET /pagead/ads?client=ca-pub-1206412096564341&output=html&adk=1812271804&adf=807048394&lmt=1536182313&plat=1%3A1081352%2C2%3A1081352%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1048576&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2Fdfarq.homeip.net%2F&ea=0&flash=10.0.45&pra=5&wgl=0&dt=1536182315646&bpp=2823&fdt=2825&idt=2921&shv=r20180829&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=4537786050938&frm=20&pv=1&ga_vid=1331961006.1536182317&ga_sid=1536182317&ga_hid=2028969598&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=0&ady=0&biw=1159&bih=754&scr_x=0&scr_y=0&eid=21060849&oid=3&rx=0&eae=6&fc=1808&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=1&ifi=1&dtd=2936 HTTP/1.1 
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 05 Sep 2018 21:18:38 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Wed, 05-Sep-2018 21:33:38 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Expires: Wed, 05 Sep 2018 21:18:38 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   64
Md5:    0781e865abae44cf8b10dc725d63f539
Sha1:   c9f5024f2a546880e819749c32e23830fef111cb
Sha256: 24a7e2c0a5b68aec6126a39465b792b761aab892d7060d78fbab1e14a4cf3363
                                        
                                            GET /pagead/ads?client=ca-pub-1206412096564341&output=html&h=600&slotname=5262998154&adk=1333382682&adf=807048394&w=300&lmt=1536182313&guci=1.2.0.0.2.2.0&format=300x600&url=https%3A%2F%2Fdfarq.homeip.net%2F&ea=0&flash=10.0.45&wgl=0&dt=1536182315646&bpp=172&fdt=184&idt=894&shv=r20180829&cbv=r20180604&saldr=aa&abxe=1&correlator=4537786050938&frm=20&pv=2&ga_vid=1331961006.1536182317&ga_sid=1536182317&ga_hid=2028969598&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=787&ady=881&biw=1159&bih=754&scr_x=0&scr_y=0&eid=21060849&oid=3&rx=0&eae=4&fc=1808&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7Cbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=1434 HTTP/1.1 
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/

                                         
                                         172.217.20.34
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 05 Sep 2018 21:18:38 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Wed, 05-Sep-2018 21:33:38 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
Expires: Wed, 05 Sep 2018 21:18:38 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   383
Md5:    d1e93cee3f51c435e84ebc8a003fcbab
Sha1:   339737f874b7acb4d8b1a541b96e92e3f9f2efa0
Sha256: c3f069b9dcff745bd6e44882d9dfb8214b53049370604454bf9863bf049446f0
                                        
                                            GET /images/pixel.gif?ch=1&rn=2.730382523605796 HTTP/1.1 
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=d5c8b1ca4c47481d5644db67be548e8ed1536182318

                                         
                                         104.16.161.13
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Wed, 05 Sep 2018 21:18:38 GMT
Content-Length: 43
Connection: keep-alive
x-amz-id-2: yGg82KifiJ4PoX/89VgSP/Bs8Xt6RfKvWw01/aWebz6O9Em7Tda07XRRzX44Gze3kxsjwoipPLU=
x-amz-request-id: EBFE18059DC34E04
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Etag: "221d8352905f2c38b3cb2bd191d630b0"
Cache-Control: max-age=15, must-revalidate
CF-Cache-Status: HIT
Vary: Accept-Encoding
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 455bbac55bb842a3-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    221d8352905f2c38b3cb2bd191d630b0
Sha1:   d804b495cb9b84b9007a25b5d85f9ae674004cde
Sha256: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
                                        
                                            GET /images/pixel.gif?ch=2&rn=2.730382523605796 HTTP/1.1 
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=d5c8b1ca4c47481d5644db67be548e8ed1536182318

                                         
                                         104.16.161.13
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Wed, 05 Sep 2018 21:18:39 GMT
Content-Length: 43
Connection: keep-alive
x-amz-id-2: yGg82KifiJ4PoX/89VgSP/Bs8Xt6RfKvWw01/aWebz6O9Em7Tda07XRRzX44Gze3kxsjwoipPLU=
x-amz-request-id: EBFE18059DC34E04
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Etag: "221d8352905f2c38b3cb2bd191d630b0"
Cache-Control: max-age=15, must-revalidate
CF-Cache-Status: HIT
Vary: Accept-Encoding
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 455bbac61b7e428b-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    221d8352905f2c38b3cb2bd191d630b0
Sha1:   d804b495cb9b84b9007a25b5d85f9ae674004cde
Sha256: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
                                        
                                            GET /b/p?id=d8BvuGGy4r5QXWrkHcnlKl&lm=0&ts=1536182315871&dn=TI&iso=0&img=https%3A%2F%2Fi2.wp.com%2Fdfarq.homeip.net%2Fwp-content%2Fuploads%2F2018%2F09%2Fcommodore-1581-drive.jpg%3Ffit%3D640%252C480%26ssl%3D1&t=The%20Silicon%20Underground%20-%20David%20L.%20Farquhar%2C%20computer%20security%20professional%2C%20train%20hobbyist%2C%20and%20landlord&cu=https%3A%2F%2Fdfarq.homeip.net%2F HTTP/1.1 
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=dbf37a691d2f39f1ef57e104b0c3825991536182315; uid=CmUMK1uQSC6EOTjQLb/qAg==

                                         
                                         208.100.17.181
HTTP/1.1 204 No Content
Server: nginx/1.14.0
Date: Wed, 05 Sep 2018 21:18:39 GMT
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         143.204.51.24
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162046
Date: Wed, 05 Sep 2018 21:18:39 GMT
Etag: "5b8fef7f-1d7"
Expires: Fri, 07 Sep 2018 18:19:25 GMT
Last-Modified: Wed, 05 Sep 2018 15:00:15 GMT
Server: ECS (lga/1391)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fbb.cloudfront.net (CloudFront)
X-Amz-Cf-Id: YFkIXhjBRQ6K8s9j8StZIe7I9tl0XQ-UAg6ArnphI1BUxBwgVXwiVg==


--- Additional Info ---
Magic:  data
Size:   471
Md5:    7482c0950d599f2acb10ea220695ffab
Sha1:   18803410a3be23d124498a25e6556b39c3162e63
Sha256: 6320065ce457ee68e3127b9cb035ccade88d9552b0734cf14f4000d8dc62da09
                                        
                                            POST / HTTP/1.1 
Host: ocsp.rootca1.amazontrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 118
Content-Type: application/ocsp-request

                                         
143.204.51.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1426
Connection: keep-alive
Date: Wed, 05 Sep 2018 21:18:39 GMT
Server: WEBrick/1.3.1 (Ruby/2.3.7/2018-03-28)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a3.cloudfront.net (CloudFront)
X-Amz-Cf-Id: lQFrkrpB9sa1ep5GmmBwUS125Qo_vGxHpqxD-iJc4LBkniSQRDK2Cg==


--- Additional Info ---
Magic:  data
Size:   1426
Md5:    0888b1bc4b0da84087b1a9b32a07dc8a
Sha1:   6db88d14f33a0231fe51eb1669d025852597121b
Sha256: c567cd078c569b4e42da40c6a9596263ad00d7a644ae72f31f4a8ce0b373dc52
                                        
GET /b/p?id=d8BvuGGy4r5QXWrkHcnlKl&lm=0&ts=1536182315871&dn=TI&iso=0&img=https%3A%2F%2Fi2.wp.com%2Fdfarq.homeip.net%2Fwp-content%2Fuploads%2F2018%2F09%2Fcommodore-1581-drive.jpg%3Ffit%3D640%252C480%26ssl%3D1&t=The%20Silicon%20Underground%20-%20David%20L.%20Farquhar%2C%20computer%20security%20professional%2C%20train%20hobbyist%2C%20and%20landlord HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=dbf37a691d2f39f1ef57e104b0c3825991536182315; uid=CmUMK1uQSC6EOTjQLb/qAg==

                                         
208.100.17.181
HTTP/1.1 204 No Content
Server: nginx/1.14.0
Date: Wed, 05 Sep 2018 21:18:39 GMT
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA


--- Additional Info ---
                                        
OPTIONS /api/ping HTTP/1.1
Host: api.viglink.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Origin: https://dfarq.homeip.net
Access-Control-Request-Method: POST

                                         
54.72.165.213
HTTP/1.1 200 OK
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Date: Wed, 05 Sep 2018 21:18:39 GMT
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Server: Apache-Coyote/1.1
Set-Cookie: vglnk.PartnerRfsh.p=""; Domain=.viglink.com; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ vglnk.Agent.p=775d7de7cf873107ead1a6909cb87043; Domain=.viglink.com; Expires=Sat, 02-Sep-2028 21:18:40 GMT; Path=/
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
GET /b/p?id=d8BvuGGy4r5QXWrkHcnlKl&lm=0&ts=1536182315871&dn=TI&iso=0&img=https%3A%2F%2Fi2.wp.com%2Fdfarq.homeip.net%2Fwp-content%2Fuploads%2F2018%2F09%2Fcommodore-1581-drive.jpg%3Ffit%3D640%252C480%26ssl%3D1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=dbf37a691d2f39f1ef57e104b0c3825991536182315; uid=CmUMK1uQSC6EOTjQLb/qAg==

                                         
208.100.17.181
HTTP/1.1 204 No Content
Server: nginx/1.14.0
Date: Wed, 05 Sep 2018 21:18:40 GMT
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA


--- Additional Info ---
                                        
GET /b/p?id=d8BvuGGy4r5QXWrkHcnlKl&lm=0&ts=1536182315871&dn=TI&iso=0&img=https%3A%2F%2Fi2.wp.com%2Fdfarq.homeip.net%2Fwp-content%2Fuploads%2F2018%2F09%2Fcommodore-1581-drive.jpg%3Ffit%3D640%252C480%26ssl%3D1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=dbf37a691d2f39f1ef57e104b0c3825991536182315; uid=CmUMK1uQSC6EOTjQLb/qAg==

                                         
208.100.17.181
HTTP/1.1 204 No Content
Server: nginx/1.14.0
Date: Wed, 05 Sep 2018 21:18:40 GMT
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA


--- Additional Info ---
                                        
GET /b/p?id=d8BvuGGy4r5QXWrkHcnlKl&lm=0&ts=1536182315871&dn=TI&iso=0&img=https%3A%2F%2Fi2.wp.com%2Fdfarq.homeip.net%2Fwp-content%2Fuploads%2F2018%2F09%2Fcommodore-1581-drive.jpg%3Ffit%3D640%252C480%26ssl%3D1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=dbf37a691d2f39f1ef57e104b0c3825991536182315; uid=CmUMK1uQSC6EOTjQLb/qAg==

                                         
208.100.17.181
HTTP/1.1 204 No Content
Server: nginx/1.14.0
Date: Wed, 05 Sep 2018 21:18:41 GMT
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA


--- Additional Info ---
                                        
GET /b/p?id=d8BvuGGy4r5QXWrkHcnlKl&lm=0&ts=1536182315871&dn=TI&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
Cookie: __cfduid=dbf37a691d2f39f1ef57e104b0c3825991536182315; uid=CmUMK1uQSC6EOTjQLb/qAg==

                                         
208.100.17.181
HTTP/1.1 204 No Content
Server: nginx/1.14.0
Date: Wed, 05 Sep 2018 21:18:41 GMT
Connection: close
P3P: CP=NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA


--- Additional Info ---
                                        
GET /favicon.ico HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: paddos_hYPC7=1

                                         
99.161.81.76
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Date: Wed, 05 Sep 2018 21:18:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=1209600
Expires: Wed, 19 Sep 2018 21:18:41 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=150


--- Additional Info ---

Alerts:
  urlquery:
    - DynDNS domain detected
                                        
GET /page/2/ HTTP/1.1
Host: dfarq.homeip.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://dfarq.homeip.net/
X-Moz: prefetch

                                         
0.0.0.0


--- Additional Info ---

Alerts:
  urlquery:
    - DynDNS domain detected