Overview

URL bestadbid.com/afu.php?zoneid=1543567
IP188.42.162.193
ASN
Location Luxembourg
Report completed2018-08-23 13:34:37 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-08-23 2 bestadbid.com/afu.php?zoneid=1543567 Malware
2018-08-23 2 static.audienceline.com/templates/audio/system-player/css/style.css?v=1.0 Malware
2018-08-23 2 static.audienceline.com/templates/_assets/sounds/thunderbird/default.ogg Malware
2018-08-23 2 static.audienceline.com/templates/audio/system-player/audio/song.mp3 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 188.42.162.193

Date UQ / IDS / BL URL IP
2019-05-13 23:27:50 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1577003 188.42.162.193
2019-05-13 12:56:50 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1577003 188.42.162.193
2019-04-23 15:00:28 +0200
0 - 0 - 0 bestadbid.com 188.42.162.193
2019-01-06 19:35:48 +0100
0 - 0 - 0 bestadbid.com 188.42.162.193
2018-10-12 16:37:19 +0200
0 - 0 - 0 https://bestadbid.com 188.42.162.193
2018-09-26 02:37:00 +0200
0 - 0 - 1 bestadbid.com 188.42.162.193
2018-09-21 00:01:52 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193
2018-08-25 04:16:47 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193
2018-08-24 16:13:05 +0200
0 - 0 - 4 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193
2018-08-23 23:39:08 +0200
0 - 0 - 3 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193

Last 10 reports on ASN:

Date UQ / IDS / BL URL IP
2019-06-26 23:21:31 +0200
0 - 0 - 6 rasayana.com.br/app/ 162.241.46.175
2019-06-26 23:12:16 +0200
0 - 0 - 0 https://www.sustainability.gov/ 52.37.33.221
2019-06-26 23:07:32 +0200
0 - 0 - 0 https://www.qualityhealth.com 143.204.47.7
2019-06-26 23:05:36 +0200
0 - 0 - 0 www.qualityhealth.com 143.204.47.7
2019-06-26 23:00:42 +0200
0 - 0 - 0 64.253.33.38 64.253.33.38
2019-06-26 22:57:04 +0200
0 - 0 - 0 https://ln.sync.com/dl/89d7c4e80/v9i2dgsu-sx7 (...) 3.210.34.29
2019-06-26 22:56:59 +0200
0 - 0 - 0 https://ln.sync.com/dl/7b5cbeec0/v8ijb9sd-um4 (...) 34.234.144.117
2019-06-26 22:49:31 +0200
0 - 0 - 0 sogou.com 118.191.216.57
2019-06-26 22:48:54 +0200
0 - 0 - 0 139.59.44.213 139.59.44.213
2019-06-26 22:45:25 +0200
0 - 0 - 0 https://familydollarnew.optimove.net 107.154.132.121

Last 10 reports on domain: bestadbid.com

Date UQ / IDS / BL URL IP
2019-05-20 12:22:43 +0200
0 - 0 - 0 bestadbid.com/afu.php?zoneid=1462665&var=13740980 194.187.98.176
2019-05-13 23:27:50 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1577003 188.42.162.193
2019-05-13 12:56:50 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1577003 188.42.162.193
2019-04-26 15:29:34 +0200
0 - 0 - 0 bestadbid.com/afu.php?zoneid=1997524&var=1234 (...) 88.85.82.180
2019-04-26 14:53:26 +0200
0 - 0 - 0 https://bestadbid.com 88.85.82.180
2019-04-23 15:00:28 +0200
0 - 0 - 0 bestadbid.com 188.42.162.193
2019-04-23 14:38:26 +0200
0 - 0 - 0 bestadbid.com/afu.php?zoneid=1997524&var=1234 (...) 194.187.98.176
2019-02-25 18:55:02 +0100
0 - 0 - 1 https://bestadbid.com/?r=%2Fmb%2Fhan&pbk3=4b9 (...) 194.187.98.176
2019-02-13 15:40:15 +0100
0 - 0 - 0 https://bestadbid.com 88.85.82.180
2019-01-06 19:35:48 +0100
0 - 0 - 0 bestadbid.com 188.42.162.193


JavaScript

Executed Scripts (6)


Executed Evals (2)

#1 JavaScript::Eval (size: 5318, repeated: 1) - SHA256: a6a76a343c867c0e8b0ef6339c7fec48580bc2c1e6c0ce80cd805151f90ad6f4

                                        function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_SAH').value = d.SAH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_CW').value = d.CW
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
    try {
        document.getElementById('ci_NW').value = d.NW
    } catch (e) {}
    try {
        document.getElementById('ci_HIL').value = d.HIL
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.SAH = window.screen.availHeight
} catch (e) {
    QC.SAH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.CW = document.documentElement.clientWidth
} catch (e) {
    QC.CW = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = window.callPhantom !== undefined || window._phantom !== undefined ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof navigator.sendBeacon === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = navigator.geolocation !== undefined ? 1 : 0
} catch (e) {
    QC.NG = -1
}
try {
    QC.NW = 'webdriver' in navigator ? 1 : 0
} catch (e) {
    QC.NW = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

#2 JavaScript::Eval (size: 613, repeated: 1) - SHA256: 7d79d7f17504a461320f713188b82fa5a1fdfd154969db17892e75294035c861

                                        var a;
var b;
var ix;
if (typeof window.innerWidth != 'undefined') {
    a = window.innerWidth;
    b = window.innerHeight
} else if (typeof document.documentElement != 'undefined' && typeof document.documentElement.clientWidth != 'undefined' && document.documentElement.clientWidth != 0) {
    a = document.documentElement.clientWidth;
    b = document.documentElement.clientHeight
} else {
    a = document.getElementsByTagName('body')[0].clientWidth;
    b = document.getElementsByTagName('body')[0].clientHeight
}
try {
    ix = window.self !== window.top ? 1 : 0
} catch (e) {
    ix = 2
}
document.getElementById('a').value = a;
document.getElementById('b').value = b;
document.getElementById('ix').value = ix;
                                    

Executed Writes (0)



HTTP Transactions (19)


Request Response
                                        
                                            GET /afu.php?zoneid=1543567 HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         194.187.98.176
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Fri, 24-Aug-2018 11:34:05 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; expires=Fri, 24-Aug-2018 11:34:05 GMT; Max-Age=86400; path=/ oaidts=1535024045; expires=Fri, 23-Aug-2019 11:34:05 GMT; Max-Age=31536000; path=/ OAID=d71c892d1c5eb2ad3311386b39ac028f; expires=Fri, 23-Aug-2019 11:34:05 GMT; Max-Age=31536000; path=/ OAID=d71c892d1c5eb2ad3311386b39ac028f; expires=Fri, 23-Aug-2019 11:34:05 GMT; Max-Age=31536000; path=/ exsdsf=1535024045 pbk3=d358b4d30cc0f1f9e87018adcb3f343e6592878073739537336; expires=Thu, 23-Aug-2018 11:44:05 GMT; Max-Age=600 ltm_afu=1; expires=Fri, 24-Aug-2018 11:34:05 GMT; Max-Age=86400; path=/
X-FRAME-OPTIONS: DENY
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4546
Md5:    868b468eae22933c83e9f8548791f408
Sha1:   bc79e85d507ef7ca4a419f26f98f0706036f47ca
Sha256: 5b08e71518793215bd45b067fbda112784c6d355db0b64fdc99c8c2026f6c90c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; oaidts=1535024045; OAID=d71c892d1c5eb2ad3311386b39ac028f; exsdsf=1535024045; pbk3=d358b4d30cc0f1f9e87018adcb3f343e6592878073739537336; ltm_afu=1

                                         
                                         194.187.98.176
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:06 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /?r=%2Fmb%2Fhan&zoneid=1543567&pbk3=d358b4d30cc0f1f9e87018adcb3f343e6592878073739537336&empty=0&uuid=012ea4d6-1606-4f8c-bb00-0439dbec7195&ad_scheme=1&rotation_type=13&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=1477&adparams=bm9qcz0w&ip=f3d5bb63c9dbdcfb475795d659c65a4e&x=1176&y=754&sw=1176&sh=885&sah=855&wx=-4&wy=-4&ww=1184&wh=863&cw=1176&wiw=1176&wih=754&wfc=0&pl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1543567&drf=&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&nw=0&hil=undefined&id=0af44684f9debd4166518ed83d4eddf9&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=1&timeout=0 HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bestadbid.com/afu.php?zoneid=1543567
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; oaidts=1535024045; OAID=d71c892d1c5eb2ad3311386b39ac028f; exsdsf=1535024045; pbk3=d358b4d30cc0f1f9e87018adcb3f343e6592878073739537336; ltm_afu=1

                                         
                                         194.187.98.176
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=p8QNIHGpC5FvL4qJzi4rupw8ixLk8kA2Y4OEB3-7UII; expires=Thu, 30-Aug-2018 11:34:06 GMT; Max-Age=604800 OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; expires=Fri, 24-Aug-2018 11:34:06 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Fri, 24-Aug-2018 11:34:06 GMT; Max-Age=86400; path=/ ppucntstart=1535024046; expires=Fri, 24-Aug-2018 11:34:06 GMT; Max-Age=86400; path=/ allcnt=1; expires=Fri, 23-Aug-2019 11:34:06 GMT; Max-Age=31536000; path=/ OAID=d71c892d1c5eb2ad3311386b39ac028f; expires=Fri, 23-Aug-2019 11:34:06 GMT; Max-Age=31536000; path=/ _OACCAP[1221832]=1; expires=Fri, 23-Aug-2019 11:34:06 GMT; Max-Age=31536000; path=/ _OACBLOCK[1221832]=1535024046; expires=Sat, 22-Sep-2018 11:34:06 GMT; Max-Age=2592000; path=/ _OXCCLK[1221832]=1; expires=Fri, 23-Aug-2019 11:34:06 GMT; Max-Age=31536000; path=/ _OXPCLK[129396]=1; expires=Fri, 23-Aug-2019 11:34:06 GMT; Max-Age=31536000; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://psebsifil.com/?s=56457547015536640&z=1543567&g=NO&svar=1535024046.1327&ssk=76ba5bc0a72fc2b61fa4fba6fc929e92&oaid=d71c892d1c5eb2ad3311386b39ac028f&h=a528eb5f6660c2459e16010a2b139581b1b82a7b&b=1920254&did=&campid=1221832
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "9631CB5A16B1885F913367936F376BBF387ABC0867B5DF2E0079CF83A35C516F"
Last-Modified: Mon, 20 Aug 2018 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16677
Expires: Thu, 23 Aug 2018 16:12:03 GMT
Date: Thu, 23 Aug 2018 11:34:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    7bc19f29ebd4dbd15549a95a26ceae4f
Sha1:   e214926502b355d75bc57b317ebb23292b1b8d46
Sha256: 9631cb5a16b1885f913367936f376bbf387abc0867b5df2e0079cf83a35c516f
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Wed, 22 Aug 2018 21:52:19 GMT
Etag: "79d0ee42fe87cf6e2b6a9198933c15e4824d9831"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=4587
Expires: Thu, 23 Aug 2018 12:50:33 GMT
Date: Thu, 23 Aug 2018 11:34:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    d0b3fc30d5fed55aab23aeeae2ea3085
Sha1:   79d0ee42fe87cf6e2b6a9198933c15e4824d9831
Sha256: 108045ca68777bbac16333397112028a0d520b2df68a7b52e9c865fda276db05
                                        
                                            GET /?s=56457547015536640&z=1543567&g=NO&svar=1535024046.1327&ssk=76ba5bc0a72fc2b61fa4fba6fc929e92&oaid=d71c892d1c5eb2ad3311386b39ac028f&h=a528eb5f6660c2459e16010a2b139581b1b82a7b&b=1920254&did=&campid=1221832 HTTP/1.1 
Host: psebsifil.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bestadbid.com/afu.php?zoneid=1543567

                                         
                                         188.42.224.21
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.9
Location: https://audienceline.com/?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=d71c892d1c5eb2ad3311386b39ac028f&pshr=0&rd=0&s=56457547015536640&ssk=76ba5bc0a72fc2b61fa4fba6fc929e92&svar=1535024046.1327&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "F0E35DE94C30591242F7179B7F27F7365104104D5B4EC26FF12702AF1394C26D"
Last-Modified: Wed, 22 Aug 2018 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=26836
Expires: Thu, 23 Aug 2018 19:01:22 GMT
Date: Thu, 23 Aug 2018 11:34:06 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    554f169a2dac31765b868933e8230ef7
Sha1:   646cc185087a4a1f750ff63df7aa54ebe9f0c3c8
Sha256: f0e35de94c30591242f7179b7f27f7365104104d5b4ec26ff12702af1394c26d
                                        
                                            GET /?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=d71c892d1c5eb2ad3311386b39ac028f&pshr=0&rd=0&s=56457547015536640&ssk=76ba5bc0a72fc2b61fa4fba6fc929e92&svar=1535024046.1327&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw HTTP/1.1 
Host: audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bestadbid.com/afu.php?zoneid=1543567

                                         
                                         188.42.224.230
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.9
Set-Cookie: reverse=KBobJjNOzBfH4aCFJq64AiN5MB-q3D5HmK5lf944KXA; expires=Thu, 23-Aug-2018 12:34:06 GMT; Max-Age=3600; path=/
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21486
Md5:    5ca4ae0f30c83fd55c0459dc5f54751d
Sha1:   6ad89e1af5793d9438734f80af1fd2fcadac28dc
Sha256: dd37b0c9aba07d36336f23ef3b12caa782a0b0fb05eacdc2494237751ae50ff8
                                        
                                            GET /templates/audio/system-player/css/style.css?v=1.0 HTTP/1.1 
Host: static.audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://audienceline.com/?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=d71c892d1c5eb2ad3311386b39ac028f&pshr=0&rd=0&s=56457547015536640&ssk=76ba5bc0a72fc2b61fa4fba6fc929e92&svar=1535024046.1327&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw

                                         
                                         188.42.224.230
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:06 GMT
Last-Modified: Wed, 22 Aug 2018 14:57:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5b7d79c7-a3b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   684
Md5:    705bd18bf8489626985ad69f5a743017
Sha1:   163fd3d3a63dd6db1b70db182a20569108ed4f25
Sha256: 5c89b523bd0a040fd5b428761800c03ece9413e80742d618e381d1627e59b115

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /templates/audio/system-player/images/file.png HTTP/1.1 
Host: static.audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://audienceline.com/?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=d71c892d1c5eb2ad3311386b39ac028f&pshr=0&rd=0&s=56457547015536640&ssk=76ba5bc0a72fc2b61fa4fba6fc929e92&svar=1535024046.1327&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw

                                         
                                         188.42.224.230
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:06 GMT
Content-Length: 9018
Last-Modified: Wed, 22 Aug 2018 14:57:11 GMT
Connection: keep-alive
Etag: "5b7d79c7-233a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 85 x 99, 8-bit/color RGBA, non-interlaced
Size:   9018
Md5:    43e6049191363516c71c65f850413916
Sha1:   7b62d36a0e856928f892f46283baf0bce6a7627e
Sha256: 72523a05222d0987ede8bcb543cbb89acff86346851fa1e34a35eb0758478739
                                        
                                            GET /templates/audio/system-player/images/warning.png HTTP/1.1 
Host: static.audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://audienceline.com/?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=d71c892d1c5eb2ad3311386b39ac028f&pshr=0&rd=0&s=56457547015536640&ssk=76ba5bc0a72fc2b61fa4fba6fc929e92&svar=1535024046.1327&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw

                                         
                                         188.42.224.230
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:06 GMT
Content-Length: 1681
Last-Modified: Wed, 22 Aug 2018 14:57:11 GMT
Connection: keep-alive
Etag: "5b7d79c7-691"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 45 x 39, 8-bit/color RGBA, non-interlaced
Size:   1681
Md5:    3e9c27118129d764c7c10a78461ae924
Sha1:   a3dcff1be16760085903185d8895872447a9e2fb
Sha256: 0fdbcea28cd60961dd1336cef7479c0aea0a7a6b661f769057edcf62dfb5c16a
                                        
                                            GET /templates/_assets/sounds/thunderbird/default.ogg HTTP/1.1 
Host: static.audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=0-

                                         
                                         188.42.224.230
HTTP/1.1 206 Partial Content
Content-Type: audio/ogg
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:07 GMT
Content-Length: 17412
Last-Modified: Wed, 22 Aug 2018 14:57:11 GMT
Connection: keep-alive
Etag: "5b7d79c7-4404"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Range: bytes 0-17411/17412


--- Additional Info ---
Magic:  Ogg data, Vorbis audio, stereo, 44100 Hz, ~160000 bps, created by: Xiph.Org libVorbis I
Size:   17412
Md5:    a36387b367b000edf65134814ec79da3
Sha1:   1ac203225405ca93ca722633ba8a948c9e6280c9
Sha256: 26a893d1f82f4d593f6a9f68929a6d39eeb66cf178efc476ba7b2a20f2622df8

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: status.rapidssl.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=156794
Date: Thu, 23 Aug 2018 11:34:07 GMT
Etag: "5b7c683f-1d7"
Expires: Sat, 25 Aug 2018 06:38:33 GMT
Last-Modified: Tue, 21 Aug 2018 19:30:07 GMT
Server: ECS (arn/46D1)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    d96998e7d622a5ecbc518d4da676c9e8
Sha1:   d28c4f65269d57913158f70da5677d03e567bc01
Sha256: 26fe533b3ef2a4b520cb73ee6aa1d8483c81bcc57253aa569df337616b229749
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=156109
Date: Thu, 23 Aug 2018 11:34:07 GMT
Etag: "5b7e2f4f-1d7"
Expires: Sat, 25 Aug 2018 06:51:19 GMT
Last-Modified: Thu, 23 Aug 2018 03:51:43 GMT
Server: ECS (arn/46D1)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    7c418b3906993ffaa9c243b3f5b0f9da
Sha1:   685a89eba84f6dc89bbfdcf35fb0029f3f8be6e8
Sha256: a1fa9ff96c88eb66a8e1be395b885bc09df9215dba916c4256d58396b575cae4
                                        
                                            GET /index/1686870/?tc=s HTTP/1.1 
Host: o.pushsight.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://audienceline.com/?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=d71c892d1c5eb2ad3311386b39ac028f&pshr=0&rd=0&s=56457547015536640&ssk=76ba5bc0a72fc2b61fa4fba6fc929e92&svar=1535024046.1327&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw

                                         
                                         23.111.231.73
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: SeenToday=1; expires=Fri, 24-Aug-2018 11:34:07 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C1%7C11329%7C43703%7C%3F%7C578205; expires=Fri, 24-Aug-2018 11:34:07 GMT; Max-Age=86400; path=/ oaidts=1535024047; expires=Fri, 23-Aug-2019 11:34:07 GMT; Max-Age=31536000; path=/ OAID=02533bf897a74656b16e3eb8d105d905; expires=Fri, 23-Aug-2019 11:34:07 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4160
Md5:    83946aca080e2c7aef420ae75f14fbe5
Sha1:   e3854deeb7b4601372c9e4d2d94a5ae895edc5b7
Sha256: 9b9675ffe3ad67755f79a148586e34a9f9675b68d81b9f4623b8a455a4b1a745
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: reverse=KBobJjNOzBfH4aCFJq64AiN5MB-q3D5HmK5lf944KXA

                                         
                                         188.42.224.230
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:07 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: reverse=KBobJjNOzBfH4aCFJq64AiN5MB-q3D5HmK5lf944KXA

                                         
                                         188.42.224.230
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:09 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; oaidts=1535024045; OAID=d71c892d1c5eb2ad3311386b39ac028f; exsdsf=1535024045; pbk3=d358b4d30cc0f1f9e87018adcb3f343e6592878073739537336; ltm_afu=1; f3d5bb63c9dbdcfb475795d659c65a4e=p8QNIHGpC5FvL4qJzi4rupw8ixLk8kA2Y4OEB3-7UII; ppucnt=1; ppucntstart=1535024046; allcnt=1; _OACCAP[1221832]=1; _OACBLOCK[1221832]=1535024046; _OXCCLK[1221832]=1; _OXPCLK[129396]=1

                                         
                                         194.187.98.176
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:09 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /templates/audio/system-player/audio/song.mp3 HTTP/1.1 
Host: static.audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=0-

                                         
                                         188.42.224.230
HTTP/1.1 206 Partial Content
Content-Type: audio/mpeg
                                        
Server: nginx
Date: Thu, 23 Aug 2018 11:34:06 GMT
Content-Length: 186262
Last-Modified: Wed, 22 Aug 2018 14:57:11 GMT
Connection: keep-alive
Etag: "5b7d79c7-2d796"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Range: bytes 0-186261/186262


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware