Overview

URL https://bestadbid.com/afu.php?zoneid=1850667&var=new
IP194.187.98.176
ASNAS35415 Webzilla B.V.
Location Netherlands
Report completed2018-09-26 22:40:38 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 194.187.98.176

Date UQ / IDS / BL URL IP
2019-05-20 12:22:43 +0200
0 - 0 - 0 bestadbid.com/afu.php?zoneid=1462665&var=13740980 194.187.98.176
2019-04-23 14:38:26 +0200
0 - 0 - 0 bestadbid.com/afu.php?zoneid=1997524&var=1234 (...) 194.187.98.176
2019-02-25 18:55:02 +0100
0 - 0 - 1 https://bestadbid.com/?r=%2Fmb%2Fhan&pbk3=4b9 (...) 194.187.98.176
2018-10-09 12:07:19 +0200
0 - 0 - 0 bestadbid.com 194.187.98.176
2018-09-24 20:38:06 +0200
0 - 0 - 1 bestadbid.com 194.187.98.176
2018-09-24 14:46:14 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1409812 194.187.98.176
2018-09-19 14:34:43 +0200
0 - 0 - 4 bestadbid.com/afu.php?zoneid=1588797 194.187.98.176
2018-09-03 08:06:34 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1748446 194.187.98.176
2018-09-01 11:22:06 +0200
0 - 0 - 3 bestadbid.com/afu.php?zoneid=1641883 194.187.98.176
2018-08-24 14:24:00 +0200
0 - 0 - 2 bestadbid.com/afu.php?zoneid=1543567 194.187.98.176

Last 10 reports on ASN: AS35415 Webzilla B.V.

Date UQ / IDS / BL URL IP
2019-06-18 08:44:25 +0200
0 - 0 - 0 moyakrov.ru 46.30.40.98
2019-06-18 06:19:05 +0200
0 - 0 - 0 su1ufa.ru/prodazhi 46.30.40.98
2019-06-17 17:20:14 +0200
0 - 0 - 0 forwarder.ontecapps.com 46.30.45.215
2019-06-17 14:03:12 +0200
0 - 0 - 0 drtuber.com 78.140.187.214
2019-06-17 11:50:57 +0200
0 - 0 - 0 lightspacerus.ru 178.208.83.56
2019-06-17 10:46:18 +0200
0 - 0 - 0 https://mobysys.mobi/ 88.85.84.108
2019-06-17 02:19:12 +0200
0 - 0 - 1 dolohen.com 88.85.66.250
2019-06-16 20:47:30 +0200
0 - 0 - 0 https://mation.xyz/ 88.85.94.238
2019-06-16 15:57:41 +0200
0 - 0 - 1 https://efully.info/ 88.85.94.229
2019-06-16 09:29:31 +0200
0 - 0 - 0 mob1ledev1ces.com/rtb/s/AG75BF0SUQAAV-cBAElOG (...) 78.140.165.10

Last 10 reports on domain: bestadbid.com

Date UQ / IDS / BL URL IP
2019-05-20 12:22:43 +0200
0 - 0 - 0 bestadbid.com/afu.php?zoneid=1462665&var=13740980 194.187.98.176
2019-05-13 23:27:50 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1577003 188.42.162.193
2019-05-13 12:56:50 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1577003 188.42.162.193
2019-04-26 15:29:34 +0200
0 - 0 - 0 bestadbid.com/afu.php?zoneid=1997524&var=1234 (...) 88.85.82.180
2019-04-26 14:53:26 +0200
0 - 0 - 0 https://bestadbid.com 88.85.82.180
2019-04-23 15:00:28 +0200
0 - 0 - 0 bestadbid.com 188.42.162.193
2019-04-23 14:38:26 +0200
0 - 0 - 0 bestadbid.com/afu.php?zoneid=1997524&var=1234 (...) 194.187.98.176
2019-02-25 18:55:02 +0100
0 - 0 - 1 https://bestadbid.com/?r=%2Fmb%2Fhan&pbk3=4b9 (...) 194.187.98.176
2019-02-13 15:40:15 +0100
0 - 0 - 0 https://bestadbid.com 88.85.82.180
2019-01-06 19:35:48 +0100
0 - 0 - 0 bestadbid.com 188.42.162.193


JavaScript

Executed Scripts (2)


Executed Evals (2)

#1 JavaScript::Eval (size: 5318, repeated: 1) - SHA256: a6a76a343c867c0e8b0ef6339c7fec48580bc2c1e6c0ce80cd805151f90ad6f4

                                        function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_SAH').value = d.SAH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_CW').value = d.CW
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
    try {
        document.getElementById('ci_NW').value = d.NW
    } catch (e) {}
    try {
        document.getElementById('ci_HIL').value = d.HIL
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.SAH = window.screen.availHeight
} catch (e) {
    QC.SAH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.CW = document.documentElement.clientWidth
} catch (e) {
    QC.CW = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = window.callPhantom !== undefined || window._phantom !== undefined ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof navigator.sendBeacon === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = navigator.geolocation !== undefined ? 1 : 0
} catch (e) {
    QC.NG = -1
}
try {
    QC.NW = 'webdriver' in navigator ? 1 : 0
} catch (e) {
    QC.NW = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

#2 JavaScript::Eval (size: 613, repeated: 1) - SHA256: 7d79d7f17504a461320f713188b82fa5a1fdfd154969db17892e75294035c861

                                        var a;
var b;
var ix;
if (typeof window.innerWidth != 'undefined') {
    a = window.innerWidth;
    b = window.innerHeight
} else if (typeof document.documentElement != 'undefined' && typeof document.documentElement.clientWidth != 'undefined' && document.documentElement.clientWidth != 0) {
    a = document.documentElement.clientWidth;
    b = document.documentElement.clientHeight
} else {
    a = document.getElementsByTagName('body')[0].clientWidth;
    b = document.getElementsByTagName('body')[0].clientHeight
}
try {
    ix = window.self !== window.top ? 1 : 0
} catch (e) {
    ix = 2
}
document.getElementById('a').value = a;
document.getElementById('b').value = b;
document.getElementById('ix').value = ix;
                                    

Executed Writes (0)



HTTP Transactions (8)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: status.rapidssl.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=155417
Date: Wed, 26 Sep 2018 20:40:07 GMT
Etag: "5bab8e93-1d7"
Expires: Fri, 28 Sep 2018 15:50:24 GMT
Last-Modified: Wed, 26 Sep 2018 13:50:11 GMT
Server: ECS (arn/46A2)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    ff4ed86c65e7bdfd6956fcf36c3a32e8
Sha1:   4e1edc7b9eb3d9ea8d9c8b5c9ece9640983d8045
Sha256: 742b179065fd076de31ee0d4fd4e347199ac3d6a174c42eda2ad74c51bcf27a7
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=165566
Date: Wed, 26 Sep 2018 20:40:07 GMT
Etag: "5babaacd-1d7"
Expires: Fri, 28 Sep 2018 18:39:33 GMT
Last-Modified: Wed, 26 Sep 2018 15:50:37 GMT
Server: ECS (arn/469D)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    7094054bec5c822508b38196adb7234a
Sha1:   b182180572b8e9c41f1fa5f792e52af0339feb58
Sha256: e0b0430fc67c5b7ae5ac53f272521045b9917a1b6650012581db4259a427d74d
                                        
                                            GET /afu.php?zoneid=1850667&var=new HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         188.42.162.193
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 26 Sep 2018 20:40:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Thu, 27-Sep-2018 20:40:07 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Thu, 27-Sep-2018 20:40:07 GMT; Max-Age=86400; path=/ oaidts=1537994407; expires=Thu, 26-Sep-2019 20:40:07 GMT; Max-Age=31536000; path=/ OAID=c6b9dd18a967eaaef10ff098bcfb03d9; expires=Thu, 26-Sep-2019 20:40:07 GMT; Max-Age=31536000; path=/ OXVAR=new; expires=Thu, 27-Sep-2018 20:40:07 GMT; Max-Age=86400; path=/ OAID=c6b9dd18a967eaaef10ff098bcfb03d9; expires=Thu, 26-Sep-2019 20:40:07 GMT; Max-Age=31536000; path=/ exsdsf=1537994407 pbk3=df978efed018589b0e106b44b8b54d326605635681481076566; expires=Wed, 26-Sep-2018 20:50:07 GMT; Max-Age=600 ltm_afu=1; expires=Thu, 27-Sep-2018 20:40:07 GMT; Max-Age=86400; path=/
X-FRAME-OPTIONS: DENY
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5017
Md5:    b344090dc91d30b36d3a7ae175c8b2ef
Sha1:   e2ed5aba5f22d927fe1aa498e3fa56b219d133d6
Sha256: ed7f64e0835eb5f0110051801fd402236aedfbb66eb980d0226c9c6fe23839b1
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1537994407; OAID=c6b9dd18a967eaaef10ff098bcfb03d9; OXVAR=new; exsdsf=1537994407; pbk3=df978efed018589b0e106b44b8b54d326605635681481076566; ltm_afu=1

                                         
                                         188.42.162.193
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Wed, 26 Sep 2018 20:40:08 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /?r=%2Fmb%2Fhan&pbk3=df978efed018589b0e106b44b8b54d326605635681481076566&empty=0&var=new&uuid=bbedb8a8-b181-4a7a-8d40-cf34623b9d51&ad_scheme=1&rotation_type=3&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=1474&adparams=bm9qcz0w&ip=f3d5bb63c9dbdcfb475795d659c65a4e&zoneid=1850667&x=1176&y=754&sw=1176&sh=885&sah=855&wx=-4&wy=-4&ww=1184&wh=863&cw=1176&wiw=1176&wih=754&wfc=0&pl=https%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1850667%26var%3Dnew&drf=&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&nw=0&hil=undefined&id=92141017c6e9c231784eb49564cf67ef&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=1&sf_type=1&timeout=0 HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://bestadbid.com/afu.php?zoneid=1850667&var=new
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1537994407; OAID=c6b9dd18a967eaaef10ff098bcfb03d9; OXVAR=new; exsdsf=1537994407; pbk3=df978efed018589b0e106b44b8b54d326605635681481076566; ltm_afu=1

                                         
                                         188.42.162.193
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Wed, 26 Sep 2018 20:40:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=5-R_y1yN04sahjA3q2F-Sw9_aslN3dXyXXVj1UC7k10; expires=Wed, 03-Oct-2018 20:40:08 GMT; Max-Age=604800 OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Thu, 27-Sep-2018 20:40:08 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Thu, 27-Sep-2018 20:40:08 GMT; Max-Age=86400; path=/ ppucntstart=1537994408; expires=Thu, 27-Sep-2018 20:40:08 GMT; Max-Age=86400; path=/ allcnt=1; expires=Thu, 26-Sep-2019 20:40:08 GMT; Max-Age=31536000; path=/ OAID=c6b9dd18a967eaaef10ff098bcfb03d9; expires=Thu, 26-Sep-2019 20:40:08 GMT; Max-Age=31536000; path=/ _OACCAP[1331307]=1; expires=Thu, 26-Sep-2019 20:40:08 GMT; Max-Age=31536000; path=/ _OACBLOCK[1331307]=1537994408; expires=Fri, 26-Oct-2018 20:40:08 GMT; Max-Age=2592000; path=/ _OXCCLK[1331307]=1; expires=Thu, 26-Sep-2019 20:40:08 GMT; Max-Age=31536000; path=/ _OXPCLK[27638]=1; expires=Thu, 26-Sep-2019 20:40:08 GMT; Max-Age=31536000; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://adserving.unibet.com/redirect.aspx?bid=27899&pid=2871013&sref=FAST&FAST=1850667&sf_type=1
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            GET /redirect.aspx?bid=27899&pid=2871013&sref=FAST&FAST=1850667&sf_type=1 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         85.184.96.10
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Date: Wed, 26 Sep 2018 20:40:08 GMT
Content-Length: 178
Connection: keep-alive
Location: https://adserving.unibet.com/redirect.aspx?bid=27899&pid=2871013&sref=FAST&FAST=1850667&sf_type=1
Server: kindred-loadbalancer
Strict-Transport-Security: max-age=63072000; preload
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
X-DD-Host: inf5312


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1537994407; OAID=c6b9dd18a967eaaef10ff098bcfb03d9; OXVAR=new; exsdsf=1537994407; pbk3=df978efed018589b0e106b44b8b54d326605635681481076566; ltm_afu=1; f3d5bb63c9dbdcfb475795d659c65a4e=5-R_y1yN04sahjA3q2F-Sw9_aslN3dXyXXVj1UC7k10; ppucnt=1; ppucntstart=1537994408; allcnt=1; _OACCAP[1331307]=1; _OACBLOCK[1331307]=1537994408; _OXCCLK[1331307]=1; _OXPCLK[27638]=1

                                         
                                         188.42.162.193
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Wed, 26 Sep 2018 20:40:11 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /redirect.aspx?bid=27899&pid=2871013&sref=FAST&FAST=1850667&sf_type=1 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         0.0.0.0
                                        


--- Additional Info ---