Overview

URL bit.ly/2HO69gd
IP 67.199.248.10
ASN AS3257 Tinet SpA
Location United States
Report completed 2019-03-24 07:08:08 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-03-24 2 oxy.cloud/d/pRo Malware
2019-03-24 2 oxy.cloud/js/tr_page_worker.js?1 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected




JavaScript

Executed Scripts (25)


Executed Evals (0)


Executed Writes (7)

#1 JavaScript::Write (size: 306, repeated: 1) - SHA256: 264161db8a220a93a331aed7110937b464b8718881278a8ebc31384bd1cfc1bc

                                        < !doctype html > < html > < body > < script > google_sl_win = window.parent;
google_iframe_start_time = new Date().getTime();
google_async_iframe_id = "aswift_0"; < /script><script>window.parent.google_sa_impl({iframeWin: window, pubWin: window.parent, vars: window.parent['google_sv_map']['aswift_0']});</script > < /body></html >
                                    

#2 JavaScript::Write (size: 306, repeated: 1) - SHA256: 5efcb9fc2a44ea42dca7f3a6201c413bf996957c8642429d6bfa6d151206a13e

                                        < !doctype html > < html > < body > < script > google_sl_win = window.parent;
google_iframe_start_time = new Date().getTime();
google_async_iframe_id = "aswift_1"; < /script><script>window.parent.google_sa_impl({iframeWin: window, pubWin: window.parent, vars: window.parent['google_sv_map']['aswift_1']});</script > < /body></html >
                                    

#3 JavaScript::Write (size: 306, repeated: 1) - SHA256: ceb1ece9d4cb4964ccd9219016b1b547d99a604ffb0173c99f882e88f578ed73

                                        < !doctype html > < html > < body > < script > google_sl_win = window.parent;
google_iframe_start_time = new Date().getTime();
google_async_iframe_id = "aswift_2"; < /script><script>window.parent.google_sa_impl({iframeWin: window, pubWin: window.parent, vars: window.parent['google_sv_map']['aswift_2']});</script > < /body></html >
                                    

#4 JavaScript::Write (size: 432, repeated: 1) - SHA256: ca817326643e79b875fc0b654d15d51bb17359473274bf49d86bdb34e2f1a516

                                        < a href = '//www.liveinternet.ru/click'
target = _blank > < img src = '//counter.yadro.ru/hit?t52.6;r;s1176*885*24;uhttps%3A//oxy.cloud/d/pRo;h%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0444%u0430%u0439%u043B%20%u0412%u0435%u0441%u044C%20%u0441%u043B%u0438%u0432%20GTF.rar%20%u043D%u0430%20Oxy.Cloud;0.23352036409517363'
alt = ''
title = 'LiveInternet: показано число просмотров и посетителей за 24 часа'
border = '0'
width = '1'
height = '1' > < /a>
                                    

#5 JavaScript::Write (size: 1352, repeated: 1) - SHA256: 95364f05f909f943fb320fcb3001bb0fd6dc9321f9e47f262de25832b4547d9a

                                        < iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "1176"
height = "90"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559038679954809&amp;output=html&amp;h=90&amp;slotname=7003457376&amp;adk=2923874277&amp;adf=807048394&amp;w=1176&amp;fwrn=4&amp;fwrnh=100&amp;lmt=1553407655&amp;rafmt=1&amp;guci=1.2.0.0.2.2.0.0&amp;format=1176x90&amp;url=https%3A%2F%2Foxy.cloud%2Fd%2FpRo&amp;ea=0&amp;flash=10.0.45&amp;fwr=0&amp;resp_fmts=3&amp;wgl=0&amp;adsid=NT&amp;dt=1553407656617&amp;bpp=32&amp;fdt=871&amp;idt=864&amp;shv=r20190320&amp;cbv=r20190131&amp;saldr=aa&amp;abxe=1&amp;correlator=367556482833&amp;frm=20&amp;pv=2&amp;ga_vid=331324989.1553407658&amp;ga_sid=1553407658&amp;ga_hid=1402177125&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=0&amp;ady=120&amp;biw=1176&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=21060853&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=656&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=144&amp;bc=1&amp;ifi=1&amp;uci=a!1&amp;dtd=1545"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#6 JavaScript::Write (size: 1374, repeated: 1) - SHA256: 7bda456ae3cff075a059094f6e33f2e953365bf4770216f30ac9e79a0a61e849

                                        < iframe id = "google_ads_frame2"
name = "google_ads_frame2"
width = "971"
height = "90"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559038679954809&amp;output=html&amp;h=90&amp;slotname=1174679371&amp;adk=3100642512&amp;adf=807048394&amp;w=971&amp;fwrn=4&amp;fwrnh=100&amp;lmt=1553407655&amp;rafmt=1&amp;guci=1.2.0.0.2.2.0.0&amp;format=971x90&amp;url=https%3A%2F%2Foxy.cloud%2Fd%2FpRo&amp;ea=0&amp;flash=10.0.45&amp;fwr=0&amp;resp_fmts=3&amp;wgl=0&amp;adsid=NT&amp;dt=1553407656650&amp;bpp=21&amp;fdt=1545&amp;idt=831&amp;shv=r20190320&amp;cbv=r20190131&amp;saldr=aa&amp;abxe=1&amp;prev_fmts=1176x90&amp;correlator=367556482833&amp;frm=20&amp;pv=1&amp;ga_vid=331324989.1553407658&amp;ga_sid=1553407658&amp;ga_hid=1402177125&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=111&amp;ady=281&amp;biw=1176&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=21060853&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=656&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=144&amp;bc=1&amp;ifi=2&amp;uci=a!2&amp;dtd=1581"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#7 JavaScript::Write (size: 1384, repeated: 1) - SHA256: 6a5a22740bb27a3f37008a439c77a2c07048c88fab930b1126d8abd4de4d2002

                                        < iframe id = "google_ads_frame3"
name = "google_ads_frame3"
width = "1176"
height = "90"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7559038679954809&amp;output=html&amp;h=90&amp;slotname=9640002572&amp;adk=2948728934&amp;adf=807048394&amp;w=1176&amp;fwrn=4&amp;fwrnh=100&amp;lmt=1553407655&amp;rafmt=1&amp;guci=1.2.0.0.2.2.0.0&amp;format=1176x90&amp;url=https%3A%2F%2Foxy.cloud%2Fd%2FpRo&amp;ea=0&amp;flash=10.0.45&amp;fwr=0&amp;resp_fmts=3&amp;wgl=0&amp;adsid=NT&amp;dt=1553407656672&amp;bpp=11&amp;fdt=1577&amp;idt=809&amp;shv=r20190320&amp;cbv=r20190131&amp;saldr=aa&amp;abxe=1&amp;prev_fmts=1176x90%2C971x90&amp;correlator=367556482833&amp;frm=20&amp;pv=1&amp;ga_vid=331324989.1553407658&amp;ga_sid=1553407658&amp;ga_hid=1402177125&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=0&amp;ady=471&amp;biw=1176&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=21060853&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=656&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=144&amp;bc=1&amp;ifi=3&amp;uci=a!3&amp;dtd=1589"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    


HTTP Transactions (36)


Request Response
                                        
                                            GET /2HO69gd HTTP/1.1 
Host: bit.ly
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         67.199.248.11
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Sun, 24 Mar 2019 06:07:35 GMT
Content-Length: 110
Connection: keep-alive
Cache-Control: private, max-age=90
Location: https://oxy.cloud/d/pRo
Set-Cookie: _bit=j2o67z-80f3a9e3d7c138792b-00p; Domain=bit.ly; Expires=Fri, 20 Sep 2019 06:07:35 GMT


--- Additional Info ---
Magic:  HTML document text
Size:   110
Md5:    d1923ef7337245d10c9c878fa88cacdd
Sha1:   3537ea6d12d4d62cefd13311544d954a6ac683ea
Sha256: 24ee1450d711572b7cbe407e078b14375f6da787f1f229d8e7684dd995b453e7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=87340
Date: Sun, 24 Mar 2019 06:07:35 GMT
Etag: "5c957014-117"
Expires: Mon, 25 Mar 2019 06:23:15 GMT
Last-Modified: Fri, 22 Mar 2019 23:30:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279


--- Additional Info ---
Magic:  data
Size:   279
Md5:    f0e2d61597b8a30369b44cff8933a151
Sha1:   679f5253ebfbb5ea7ccbb0f39769e3a02a26f28b
Sha256: 378fbbab3c48da2b7adf96a06e3e0670cd1a136ee2d2f832a52d455c987b0ac0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=89391
Date: Sun, 24 Mar 2019 06:07:35 GMT
Etag: "5c95cb8a-1d7"
Expires: Mon, 25 Mar 2019 06:57:26 GMT
Last-Modified: Sat, 23 Mar 2019 06:00:42 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c1024dddaedf3f8ad00eec17c066f8b9
Sha1:   ba6fe4c24af505ff6b49a576d5ab9f302cb824bf
Sha256: fe6cc2dc1dccd6485c2f0b72bda1f5010f0eb9a82b2548883a333425f9e64c41
                                        
                                            GET /d/pRo HTTP/1.1 
Host: oxy.cloud
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.28.2.50
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 24 Mar 2019 06:07:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d03af2188807a32bf7eadf96a8f89ca6d1553407655; expires=Mon, 23-Mar-20 06:07:35 GMT; path=/; domain=.oxy.cloud; HttpOnly PHPSESSID=ghjs0f2ulm2gup1a8k8h6fevm2; path=/; domain=.oxy.cloud
X-Powered-By: PHP/5.4.45
X-Frame-Options: Sameorigin
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 4bc67738a9977678-ARN
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3300
Md5:    4e49d78693fd095fef1bb0074c7ea274
Sha1:   db19f98b052fb463a5fa92f6041c0113c6ff11a8
Sha256: 9c66e0ebeaad5d5ac2ea778be0476d8c5959153eb62ab0d828ae1e53558fea79

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 19 Mar 2019 19:46:13 GMT
Etag: 1B89EE4FF0D7179775E1499E562DDC440054BB91
X-OCSP-Responder-ID: mcdpcaocsp11
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=221316
Expires: Tue, 26 Mar 2019 19:36:11 GMT
Date: Sun, 24 Mar 2019 06:07:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    1937c97588b0b69dba8f47b493e69e0e
Sha1:   1b89ee4ff0d7179775e1499e562ddc440054bb91
Sha256: 33a42faa340896382c4171ad951d5b17a42b4967241c7892896bbad5f5e626d6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 17 Mar 2019 23:19:13 GMT
Etag: 5E3A8340A9F002F7004046B7E4C6EBE1EEBAB925
X-OCSP-Responder-ID: mcdpcaocsp14
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=61257
Expires: Sun, 24 Mar 2019 23:08:32 GMT
Date: Sun, 24 Mar 2019 06:07:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    a1c08879a49a64c6912cbee6a3488f4b
Sha1:   5e3a8340a9f002f7004046b7e4c6ebe1eebab925
Sha256: cf543983b4d6ee229cf3b2b4f576ad34e73071d44a2349bf60632a909e6d07e9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 17 Mar 2019 23:19:13 GMT
Etag: 96669D3885A81C7CA4E86F0AA5BBC80F76195C71
X-OCSP-Responder-ID: mcdpcaocsp11
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=61318
Expires: Sun, 24 Mar 2019 23:09:33 GMT
Date: Sun, 24 Mar 2019 06:07:35 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e6107de1283b3f7949fd6524e0ccf6eb
Sha1:   96669d3885a81c7ca4e86f0aa5bbc80f76195c71
Sha256: 01a2ad4a38a4209bb14cba646a276935a9768b4dcbdb7fcf751721668aa82c3a
                                        
                                            GET /ajax/libs/jquery/3.2.1/jquery.slim.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         104.19.199.151
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 24 Mar 2019 06:07:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 May 2018 09:20:15 GMT
Etag: W/"5afd494f-10fdd"
Expires: Fri, 13 Mar 2020 06:07:35 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Served-In-Seconds: 0.003
CF-Cache-Status: HIT
Strict-Transport-Security: max-age=15780000; includeSubDomains
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4bc67739bcac4261-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   24052
Md5:    bf1b0cd404defa6ca1bf5b349bf5a5ac
Sha1:   60b720972333748faa69802f78b6686654eb8bd1
Sha256: 4dc76aaf088b890f37b604662c52ef5716f399b2d280e579324172ec102415e6
                                        
                                            GET /images/icon.png HTTP/1.1 
Host: oxy.cloud
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d03af2188807a32bf7eadf96a8f89ca6d1553407655; PHPSESSID=ghjs0f2ulm2gup1a8k8h6fevm2

                                         
                                         104.28.2.50
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 24 Mar 2019 06:07:35 GMT
Content-Length: 7531
Connection: keep-alive
Last-Modified: Sun, 02 Dec 2018 00:26:15 GMT
Etag: "240088-1d6b-57bff1489b7c0"
CF-Cache-Status: REVALIDATED
Expires: Sun, 24 Mar 2019 10:07:35 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4bc6773949e67678-ARN


--- Additional Info ---
Magic:  PNG image, 192 x 192, 8-bit/color RGBA, non-interlaced
Size:   7531
Md5:    b63d70eb8c5d379fa68fe0f63e8c4255
Sha1:   232de1f52e52611ae67aab8ebaa143946154a233
Sha256: 100c7773d318b841267dc4ac654366ac19ba903e6cd6551777268f6eb4ed86cd
                                        
                                            GET /images/logo_range.png HTTP/1.1 
Host: oxy.cloud
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo
Cookie: __cfduid=d03af2188807a32bf7eadf96a8f89ca6d1553407655; PHPSESSID=ghjs0f2ulm2gup1a8k8h6fevm2

                                         
                                         104.28.2.50
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 24 Mar 2019 06:07:35 GMT
Content-Length: 15222
Connection: keep-alive
Last-Modified: Wed, 02 Jan 2019 18:19:07 GMT
Etag: "240769-3b76-57e7dae7d1cc0"
CF-Cache-Status: HIT
Expires: Sun, 24 Mar 2019 10:07:35 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4bc67739cd5a7690-ARN


--- Additional Info ---
Magic:  PNG image, 516 x 150, 8-bit/color RGBA, non-interlaced
Size:   15222
Md5:    88c7a6c0f97a6d3e16b3764ecf8c0099
Sha1:   b7bd1d977cf730f5b078a93cd77ee2a6af25da37
Sha256: 91340a4532a04b9436946087bb2a8ef833a751ab32aadb54ea0a4b01c3d2be73
                                        
                                            GET /js/tr_page_worker.js?1 HTTP/1.1 
Host: oxy.cloud
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo
Cookie: __cfduid=d03af2188807a32bf7eadf96a8f89ca6d1553407655; PHPSESSID=ghjs0f2ulm2gup1a8k8h6fevm2

                                         
                                         104.28.2.50
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sun, 24 Mar 2019 06:07:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 11 Dec 2018 12:38:43 GMT
Etag: W/"24011a-83e-57cbe5ca7946b"
Content-Encoding: gzip
CF-Cache-Status: HIT
Expires: Sun, 24 Mar 2019 10:07:36 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4bc6773a3a6e7678-ARN


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   870
Md5:    dca1641f473c527662c083ea5a7820c4
Sha1:   141e6817d88ccfb13f89ef4719f17f02a6d89000
Sha256: 9b62e8a49489d8cd1fdfee546851843791b41017a9df1e4f09f00359f8823ad8

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 24 Mar 2019 06:07:36 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    b04e7d1f9cf563669534859d4ab7ea9a
Sha1:   193f9e6701ca0797db7b152d0a3bbde3d3014050
Sha256: c7ffe4fdded626bb1c1429d7a8041b730dbdefebdcfa233ee4c35d57e81d7ef6
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 24 Mar 2019 06:07:36 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /js/tr_page_popup.js?1 HTTP/1.1 
Host: oxy.cloud
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo
Cookie: __cfduid=d03af2188807a32bf7eadf96a8f89ca6d1553407655; PHPSESSID=ghjs0f2ulm2gup1a8k8h6fevm2

                                         
                                         104.28.2.50
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sun, 24 Mar 2019 06:07:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 11 Dec 2018 12:38:43 GMT
Etag: W/"240119-116d-57cbe5ca492e3"
Content-Encoding: gzip
CF-Cache-Status: HIT
Expires: Sun, 24 Mar 2019 10:07:36 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4bc6773a4ed375ca-ARN


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1402
Md5:    88b207ddf5d9e569dd5760fd47f7e4f3
Sha1:   cc0dde0370548b08427c23203fb0e546426bc9d0
Sha256: 251d2afa35a25c0e68c94e0c1ef2211cbf4c7785214987e8cc5fd15050a485a7
                                        
                                            GET /css/cloud.css HTTP/1.1 
Host: oxy.cloud
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo
Cookie: __cfduid=d03af2188807a32bf7eadf96a8f89ca6d1553407655; PHPSESSID=ghjs0f2ulm2gup1a8k8h6fevm2

                                         
                                         104.28.2.50
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 24 Mar 2019 06:07:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 29 Nov 2018 22:35:52 GMT
Etag: W/"240071-d024-57bd54e18ec82"
Content-Encoding: gzip
CF-Cache-Status: HIT
Expires: Sun, 24 Mar 2019 10:07:36 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4bc6773a4a807678-ARN


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   9206
Md5:    de17246952f336ce2133d359a948b87e
Sha1:   ff5cce63825e8cc3779fab370f45936aeb8413e1
Sha256: 8c171b665ad2b68d5e9b72f9a2c83cbc2498e719cd04e600df86d3050b1e9719
                                        
                                            GET /js/tr_page.js?1 HTTP/1.1 
Host: oxy.cloud
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo
Cookie: __cfduid=d03af2188807a32bf7eadf96a8f89ca6d1553407655; PHPSESSID=ghjs0f2ulm2gup1a8k8h6fevm2

                                         
                                         104.28.2.50
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Sun, 24 Mar 2019 06:07:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 11 Dec 2018 12:38:43 GMT
Etag: W/"240118-4e3b-57cbe5ca35293"
Content-Encoding: gzip
CF-Cache-Status: HIT
Expires: Sun, 24 Mar 2019 10:07:36 GMT
Cache-Control: public, max-age=14400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4bc6773b0c057654-ARN


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6626
Md5:    a701a000f4409304cee6081f92ee04c0
Sha1:   a1212e353e9558b4a021a106029990f434dec81e
Sha256: 6ba2036b1d3880a5525fbe5bb33b440e7e025a72e761853fd39f0774af03a16a
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Sun, 24 Mar 2019 06:07:36 GMT
Expires: Sun, 24 Mar 2019 06:07:36 GMT
Cache-Control: private, max-age=3600
Etag: 12201990564683095073
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   31790
Md5:    c6f22bcbc98301204ce6d52c6dd22c7e
Sha1:   911ca5ae169689e24727b49366b9ae22a087b600
Sha256: b4c44d0a2b00c52579b3a694b8c2bcd322767db263c38a836ff85a16b9195d02
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 24 Mar 2019 06:07:36 GMT
Content-Length: 1570
Connection: keep-alive
Set-Cookie: __cfduid=df71310f503663866b5e39605d71e78ab1553407656; expires=Mon, 23-Mar-20 06:07:36 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Sun, 24 Mar 2019 05:06:10 GMT
Expires: Thu, 28 Mar 2019 05:06:10 GMT
Etag: "b8c4546508badd01b3d19ae98a569ef33ff20790"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4bc6773f7fb04279-OSL


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    0bbca861e9087df12b83f07f2b97add3
Sha1:   b8c4546508badd01b3d19ae98a569ef33ff20790
Sha256: f4a70ef063f9addf20845fdffb169a04841a8928e4cb3a15333e385ddef03450
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Wed, 20 Mar 2019 07:16:38 GMT
Etag: A49EFEF4D3CC8FF1B67B5788BDE7653B0ACFBC8C
X-OCSP-Responder-ID: mcdpcaocsp4
Content-Length: 278
Cache-Control: public, no-transform, must-revalidate, max-age=262756
Expires: Wed, 27 Mar 2019 07:06:52 GMT
Date: Sun, 24 Mar 2019 06:07:36 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   278
Md5:    0c51ebf4e568e59a68c5d9221c6dc590
Sha1:   a49efef4d3cc8ff1b67b5788bde7653b0acfbc8c
Sha256: 39e55e06056027574f115278b2c6ff4b55a66ffca3b35ffab45da041082cc209
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Sun, 17 Mar 2019 23:19:13 GMT
Etag: 08E6C7FCD253DFFBA64C5A87EEB163AC75A5116C
X-OCSP-Responder-ID: mcdpcaocsp4
Content-Length: 312
Cache-Control: public, no-transform, must-revalidate, max-age=61340
Expires: Sun, 24 Mar 2019 23:09:56 GMT
Date: Sun, 24 Mar 2019 06:07:36 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   312
Md5:    a2f33b8e6cf3387f3740dcf0b06b3a09
Sha1:   08e6c7fcd253dffba64c5a87eeb163ac75a5116c
Sha256: 4442d594132392b6d4f9bf47f03f72601b65214677832483a320323c3c948427
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 24 Mar 2019 06:07:37 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e24a03839a197f977d9b14939d4b3ae2
Sha1:   51c2ce0b6e58bed0d23948197f9929f1e64dfbb7
Sha256: 26475634994f49d0dafd7cace4c8c0cbac1d5749d9598299cb9218caa26d842d
                                        
                                            GET /islands/_/7RkupUWVEcepjeZPFv1xCDdQFhc.woff HTTP/1.1 
Host: yastatic.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/css/cloud.css
Origin: https://oxy.cloud

                                         
                                         178.154.131.215
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx/1.12.2
Date: Sun, 24 Mar 2019 06:07:37 GMT
Content-Length: 58044
Connection: keep-alive
Etag: "bcc1c062dce07b169b0ccb3d1a95f765"
Last-Modified: Tue, 22 Jan 2019 17:10:08 GMT
X-Robots-Tag: noindex, noarchive, nofollow
X-Nginx-Request-Id: b1c2167e50434765
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   58044
Md5:    bcc1c062dce07b169b0ccb3d1a95f765
Sha1:   724298171c2f037f42200ea8c956dba0569c3d28
Sha256: b0ca0ecd050dafce02481d92ba96aaef315a6ab135b48e7ba3235a629fce4e18
                                        
                                            GET /islands/_/aHTLG2tTlmAJt89PBP6ke1NjNlI.woff HTTP/1.1 
Host: yastatic.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/css/cloud.css
Origin: https://oxy.cloud

                                         
                                         178.154.131.215
HTTP/1.1 200 OK
Content-Type: application/font-woff
                                        
Server: nginx/1.12.2
Date: Sun, 24 Mar 2019 06:07:37 GMT
Content-Length: 60667
Connection: keep-alive
Etag: "04c9789cf8ede5f1dbac403d00785022"
Last-Modified: Tue, 22 Jan 2019 17:16:07 GMT
X-Robots-Tag: noindex, noarchive, nofollow
X-Nginx-Request-Id: be02b9b03f4c1974
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   60667
Md5:    04c9789cf8ede5f1dbac403d00785022
Sha1:   09372332071068752cfac27c67e315812d3b6e79
Sha256: a69c638de5f6a1187b7f95ccd75d660617dd7fe482e0c7fcae8bf761f3e2cba3
                                        
                                            GET /pagead/html/r20190320/r20190131/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 20 Mar 2019 13:36:20 GMT
Expires: Wed, 03 Apr 2019 13:36:20 GMT
Etag: 4425972840952340538
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6619
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 318677
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6619
Md5:    3e02d309a38abc153b27de13093ed765
Sha1:   60b695727d58ed3bace31236d97f63cf0bff6439
Sha256: 5a23ba8984cb3a93993a7d28feaf5473cba49e078a610b621512afbfba098537
                                        
                                            GET /hit?t52.6;r;s1176*885*24;uhttps%3A//oxy.cloud/d/pRo;h%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0444%u0430%u0439%u043B%20%u0412%u0435%u0441%u044C%20%u0441%u043B%u0438%u0432%20GTF.rar%20%u043D%u0430%20Oxy.Cloud;0.23352036409517363 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         88.212.201.193
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx/1.11.1
Date: Sun, 24 Mar 2019 06:07:37 GMT
Content-Length: 32
Connection: keep-alive
Location: https://counter.yadro.ru/hit?q;t52.6;r;s1176*885*24;uhttps%3A//oxy.cloud/d/pRo;h%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0444%u0430%u0439%u043B%20%u0412%u0435%u0441%u044C%20%u0441%u043B%u0438%u0432%20GTF.rar%20%u043D%u0430%20Oxy.Cloud;0.23352036409517363
Expires: Fri, 23 Mar 2018 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: FTID=1Sbnwf1B87Po1Sbnwf00L98G; path=/; expires=Sun, 22 Mar 2020 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  HTML document text
Size:   32
Md5:    3e9c09a8c5a87f266e047a596f48578c
Sha1:   07d7b1940b7e3f9a3db43197458f9b8ef18a6bce
Sha256: 57fad7ae62012ff4a38ecb6045ac6e8e3a070a33bbd033b21ab6cad3566d9254
                                        
                                            GET /pagead/js/r20190320/r20190131/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Sun, 24 Mar 2019 06:07:37 GMT
Expires: Sun, 24 Mar 2019 06:07:37 GMT
Cache-Control: private, max-age=1209600
Etag: 2125612859745594511
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   75809
Md5:    c75585353a42a6f037542a17cc98c9d0
Sha1:   93665d6a57db47c8b0a9f6d2fa8039e31cc83a32
Sha256: f1d4abc6b349bd64ae0ae830d4f1a0c9e72d83482d03a67eb832f65d2d48e372
                                        
                                            GET /adsid/integrator.js?domain=oxy.cloud HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Sun, 24 Mar 2019 06:07:37 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 24 Mar 2019 06:07:37 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c13d83e5c6fff2e501cc43d3e18be114
Sha1:   cd319ba1fddf10795cc78051bea7e85ee097abea
Sha256: b1bc270bf5f8e4f79590f71bbf2aa08ece4839b4ef65e06e463f10c9418e4c38
                                        
                                            GET /pub-config/r20160913/ca-pub-7559038679954809.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 125
Date: Sun, 24 Mar 2019 00:56:12 GMT
Expires: Sun, 24 Mar 2019 12:56:12 GMT
Last-Modified: Mon, 18 Mar 2019 20:56:03 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=43200
Age: 18685
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   125
Md5:    21aea2dae0239adff4f9f063cdacfc76
Sha1:   ce64c497ac1dd86393da79e8cea239de113c1de7
Sha256: a59ee78166b8467dd7dd8c7acb03d8df7d16cf4a04f45c8558366df1c33b868f
                                        
                                            GET /islands/_/6ht3TWbVtHpfxwRbEdAXAbwRBBk.woff HTTP/1.1 
Host: yastatic.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/css/cloud.css
Origin: https://oxy.cloud

                                         
                                         178.154.131.215
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
                                        
Server: nginx/1.12.2
Date: Sun, 24 Mar 2019 06:07:37 GMT
Content-Length: 53973
Connection: keep-alive
Etag: "7cc98119b63388fd5322d70ff494e049"
Last-Modified: Fri, 22 Mar 2019 15:59:28 GMT
X-Robots-Tag: noindex, noarchive, nofollow
X-Nginx-Request-Id: 03ce3512efc61d7c
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=43200000; includeSubDomains;
Timing-Allow-Origin: *
Vary: Accept-Encoding
Content-Encoding: gzip
Accept-Ranges: bytes


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max compression
Size:   53973
Md5:    7cc98119b63388fd5322d70ff494e049
Sha1:   f034e41cf929b57a1b750c30e69d7bf492c51b1f
Sha256: 728314c279131945869de05d4ed77407c29b7ac2d1d43aaa4ea5834fcf4947ce
                                        
                                            GET /hit?q;t52.6;r;s1176*885*24;uhttps%3A//oxy.cloud/d/pRo;h%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0444%u0430%u0439%u043B%20%u0412%u0435%u0441%u044C%20%u0441%u043B%u0438%u0432%20GTF.rar%20%u043D%u0430%20Oxy.Cloud;0.23352036409517363 HTTP/1.1 
Host: counter.yadro.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo
Cookie: FTID=1Sbnwf1B87Po1Sbnwf00L98G

                                         
                                         88.212.201.193
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.11.1
Date: Sun, 24 Mar 2019 06:07:37 GMT
Content-Length: 428
Connection: keep-alive
Expires: Fri, 23 Mar 2018 21:00:00 GMT
Pragma: no-cache
Cache-Control: no-cache
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Set-Cookie: VID=1tPHhX3RYM9o1Sbnwf00L9DE; path=/; expires=Sun, 22 Mar 2020 21:00:00 GMT; domain=.yadro.ru


--- Additional Info ---
Magic:  GIF image data, version 87a, 88 x 31
Size:   428
Md5:    a06c840534264f56346ef3c4198c014c
Sha1:   81db5d9d38894cb7ed29d49bc8f5afa8b96bd528
Sha256: 8c1525038b4b2561bf716f7e49f32fa31df42c4aee25716e22fb52636012d130
                                        
                                            GET /adsid/integrator.js?domain=oxy.cloud HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Sun, 24 Mar 2019 06:07:37 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            GET /activeview/js/current/osd.js?cb=%2Fr20100101 HTTP/1.1 
Host: www.googletagservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 24 Mar 2019 06:07:38 GMT
Expires: Sun, 24 Mar 2019 06:07:38 GMT
Cache-Control: private, max-age=3000
Etag: "1553253327984164"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29012
Md5:    561dbe3be554e6a25ebaa3860640f9f3
Sha1:   d0fc058e630390a91397039e3da416ba4db33a1c
Sha256: 86b6cf171e8b3a9728efb6126389b9eef43bd7853654da3fb589954f3443a560
                                        
                                            GET /pagead/ads?client=ca-pub-7559038679954809&output=html&h=90&slotname=7003457376&adk=2923874277&adf=807048394&w=1176&fwrn=4&fwrnh=100&lmt=1553407655&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1176x90&url=https%3A%2F%2Foxy.cloud%2Fd%2FpRo&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1553407656617&bpp=32&fdt=871&idt=864&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&correlator=367556482833&frm=20&pv=2&ga_vid=331324989.1553407658&ga_sid=1553407658&ga_hid=1402177125&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=0&ady=120&biw=1176&bih=754&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=4&fc=656&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=1&uci=a!1&dtd=1545 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sun, 24 Mar 2019 06:07:38 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 24-Mar-2019 06:22:38 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
Expires: Sun, 24 Mar 2019 06:07:38 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   383
Md5:    bf1866e472db4823d51b0e7a9f7d5365
Sha1:   126062a0984e83874546a2a9e3f57019af98186f
Sha256: 8d640a0471fc943d41dff3166c69321b6565ded6330db26c46dc6bb2ecf90b51
                                        
                                            GET /pagead/ads?client=ca-pub-7559038679954809&output=html&h=90&slotname=1174679371&adk=3100642512&adf=807048394&w=971&fwrn=4&fwrnh=100&lmt=1553407655&rafmt=1&guci=1.2.0.0.2.2.0.0&format=971x90&url=https%3A%2F%2Foxy.cloud%2Fd%2FpRo&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1553407656650&bpp=21&fdt=1545&idt=831&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1176x90&correlator=367556482833&frm=20&pv=1&ga_vid=331324989.1553407658&ga_sid=1553407658&ga_hid=1402177125&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=111&ady=281&biw=1176&bih=754&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=4&fc=656&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=2&uci=a!2&dtd=1581 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sun, 24 Mar 2019 06:07:38 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 24-Mar-2019 06:22:38 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
Expires: Sun, 24 Mar 2019 06:07:38 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   383
Md5:    594f9b665e2be1ded8dee845fe9a22d7
Sha1:   21db414bf5920b63d0b3c16bcfb963c29227a2ab
Sha256: 5d952a37ef742d6a0eab9e4239c40e714eb2bf513d444cb9edfde7a4e0fa0679
                                        
                                            GET /pagead/ads?client=ca-pub-7559038679954809&output=html&h=90&slotname=9640002572&adk=2948728934&adf=807048394&w=1176&fwrn=4&fwrnh=100&lmt=1553407655&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1176x90&url=https%3A%2F%2Foxy.cloud%2Fd%2FpRo&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&adsid=NT&dt=1553407656672&bpp=11&fdt=1577&idt=809&shv=r20190320&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1176x90%2C971x90&correlator=367556482833&frm=20&pv=1&ga_vid=331324989.1553407658&ga_sid=1553407658&ga_hid=1402177125&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=0&ady=471&biw=1176&bih=754&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=4&fc=656&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=3&uci=a!3&dtd=1589 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://oxy.cloud/d/pRo

                                         
                                         216.58.207.194
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sun, 24 Mar 2019 06:07:38 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 24-Mar-2019 06:22:38 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
Expires: Sun, 24 Mar 2019 06:07:38 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   386
Md5:    1cd00dfa3bd579fd29fc800b1a7caefa
Sha1:   2e2a09c6b0387a7b0fa56e4f340ce7c7f22468ff
Sha256: b9f78bc6624735dc88557ba91c6550346017e0f87bd776c9007486b486bbb54c