Overview

URL: nbctvsports.tk/
IP: 198.54.116.231
ASN:
Location: United States
Report completed: 2017-11-21 03:05:56 CET
urlquery Alerts: No alerts detected


Settings

User Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp | Severity | Source IP | Destination IP | Alert
2017-11-21 03:11:46 CET | 2 | Client IP | 198.54.116.231 | ET POLICY HTTP Request to a *.tk domain
2017-11-21 03:11:46 CET | 2 | Client IP | 198.54.116.231 | ET POLICY HTTP Request to a *.tk domain
2017-11-21 03:11:46 CET | 2 | Client IP | 198.54.116.231 | ET POLICY HTTP Request to a *.tk domain


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 198.54.116.231

Date | UQ / IDS / BL | URL | IP
2019-01-03 18:27:19 +0100 | 0 - 1 - 2 | empleoshoy.gq/ | 198.54.116.231
2018-11-04 02:33:20 +0100 | 0 - 0 - 0 | https://rugbystreaminghd.com/ufc-230-live/ | 198.54.116.231
2018-11-03 22:11:41 +0100 | 0 - 0 - 0 | https://rugbystreaminghd.com/ufc-230-live/ | 198.54.116.231
2018-11-03 18:26:09 +0100 | 0 - 0 - 0 | https://rugbystreaminghd.com/ufc-230-live/ | 198.54.116.231
2018-11-03 14:07:44 +0100 | 0 - 0 - 0 | https://rugbystreaminghd.com/cormier-vs-lewis (...) | 198.54.116.231
2018-10-27 20:45:48 +0200 | 0 - 0 - 0 | https://rugbystreaminghd.com/jacobs-vs-derevy (...) | 198.54.116.231
2018-10-12 00:49:12 +0200 | 0 - 0 - 0 | https://rugbystreaminghd.com/eagles-vs-giants (...) | 198.54.116.231
2018-10-11 18:06:17 +0200 | 0 - 0 - 0 | https://rugbystreaminghd.com/giants-vs-eagles (...) | 198.54.116.231
2018-01-20 11:01:59 +0100 | 0 - 0 - 0 | eitdesk.com | 198.54.116.231
2018-01-14 18:35:39 +0100 | 0 - 0 - 1 | ourmobilepcs.com/dfjkgy7 | 198.54.116.231

Last 10 reports on ASN:

Date | UQ / IDS / BL | URL | IP
2019-07-02 09:48:15 +0200 | 0 - 0 - 0 | https://www.imdb.com/list/ls049696316/ | 143.204.52.228
2019-07-02 09:48:17 +0200 | 0 - 0 - 0 | https://www.imdb.com/list/ls049696333/ | 143.204.52.228
2019-07-02 09:48:03 +0200 | 0 - 0 - 0 | https://www.spreaker.com/show/ver-peru-x-urug (...) | 52.51.101.146
2019-07-01 11:37:34 +0200 | 0 - 0 - 0 | https://www.tig-uk.com/tts/nbn4298k3o7tvns8vp (...) | 144.217.235.30
2019-07-01 11:37:22 +0200 | 0 - 0 - 0 | https://www.tig-uk.com/tts/nbn4298k3o7tvns8vp (...) | 144.217.235.30
2019-07-01 11:36:59 +0200 | 0 - 0 - 0 | https://healthadviserpro.com/power-efficiency (...) | 108.179.246.37
2019-07-01 11:35:37 +0200 | 0 - 0 - 0 | https://www.imdb.com/list/ls049291106/ | 143.204.52.228
2019-07-01 11:31:59 +0200 | 0 - 0 - 1 | https://fp.bwjf.cn/downInvoice/98d3884f381b46 (...) | 39.107.217.15
2019-07-01 11:28:01 +0200 | 0 - 0 - 0 | https://d9.flashtalking.com/d9core | 52.211.104.166
2019-07-01 11:27:51 +0200 | 0 - 0 - 0 | https://www.launchora.com/story/123movies-wat (...) | 52.38.238.5

No other reports on domain: nbctvsports.tk



JavaScript

Executed Scripts (22)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 2369, repeated: 1) - SHA256: 40f0a51d27732b213fe332dafae9eb7714ca9f470857bd46f1e890110904e1b6

                                        < !doctype html > < html > < body > < iframe style = "display:none"
data - ad - client = "ca-pub-3947544758169348"
id = "google_esf"
name = "google_esf"
src = "https://googleads.g.doubleclick.net/pagead/html/r20171113/r20170110/zrt_lookup.html#" > < /iframe><script>google_ad_format="1176x90";google_ad_slot="5378989502";google_ad_client="ca-pub-3947544758169348";google_adsbygoogle_status="done";google_full_width_responsive_allowed=false;google_fwr_non_expansion_reason=4;google_responsive_formats=3;google_ad_width=1176;google_ad_height=90;google_ad_resizable=true;google_override_format=1;google_responsive_auto_format=1;google_loader_features_used=128;google_ad_modifications={"plle":true,"eids":["4089040","38893302","21061122"],"loeids":["38893312"]};google_loader_used="aa";google_reactive_tag_first=false;google_ad_unit_key="3592344650";google_ad_dom_fingerprint="807048394";google_sailm=false;google_unique_id=1;google_async_iframe_id="aswift_0";google_start_time=1511230303756;google_pub_vars="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";google_bpp=14;google_async_rrc=0;google_iframe_start_time=new Date().getTime();</script > < script src = "http://pagead2.googlesyndication.com/pagead/js/r20171113/r20170110/show_ads_impl.js" > < /script></body > < /html>
                                    

#2 JavaScript::Write (size: 1347, repeated: 1) - SHA256: 8413a4b1f0b8ca18e5a624b04ca22713d974295d2f3dc78243b8bacc70fc50a7

                                        < iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "1176"
height = "90"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3947544758169348&amp;output=html&amp;h=90&amp;slotname=5378989502&amp;adk=3592344650&amp;adf=807048394&amp;w=1176&amp;fwrn=4&amp;lmt=1511230303&amp;loeid=38893312&amp;rafmt=1&amp;format=1176x90&amp;url=http%3A%2F%2Fnbctvsports.tk%2F&amp;ea=0&amp;flash=10.0.45&amp;fwr=0&amp;resp_fmts=3&amp;wgl=0&amp;dt=1511230303756&amp;bpp=14&amp;fdt=28&amp;idt=274&amp;shv=r20171113&amp;cbv=r20170110&amp;saldr=aa&amp;correlator=8575571125037&amp;frm=20&amp;ga_vid=1688679550.1511230305&amp;ga_sid=1511230305&amp;ga_hid=1037913170&amp;ga_fc=0&amp;pv=2&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=0&amp;ady=1260&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;eid=4089040%2C38893302%2C21061122%2C41667000&amp;oid=3&amp;nmo=1&amp;zm=1.02&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7Cbr%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=144&amp;bc=1&amp;ifi=1&amp;dtd=795"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    


HTTP Transactions (38)


Request Response
                                        
--- Request ---
GET / HTTP/1.1
Host: nbctvsports.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

--- Response from 198.54.116.231 ---
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 21 Nov 2017 02:11:43 GMT
Server: Apache
X-Powered-By: PHP/5.6.32
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3263


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3263
Md5:    a6ddfd9b77e3dc8a6ad210dfd9982068
Sha1:   2cf26be849ac4db181b4d120bc7517159e22cf25
Sha256: 2198e6fbb4444f3d36420c6a33a35d575d0ab68fa5b5fc0b4ce1757290c183e9

Alerts:
  IDS:
    - ET POLICY HTTP Request to a *.tk domain
                                        
--- Request ---
GET /ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 104.19.193.102 ---
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 21 Nov 2017 02:11:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:42:01 GMT
Expires: Sun, 11 Nov 2018 02:11:43 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3c101eb5e0d24285-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5085
Md5:    b02faa68559b29e99a499913786731aa
Sha1:   2367d3867429c1664794aa6168960772ed9d9e9f
Sha256: f6e5ea80c1c6f1f15174798a6bff070c7ba17fbbd72dec93c72c71bedc482375
                                        
--- Request ---
GET /css?family=PT+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 216.58.209.138 ---
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 21 Nov 2017 02:11:43 GMT
Date: Tue, 21 Nov 2017 02:11:43 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   192
Md5:    b2fc966906ceda63ad3ff563e5e8e94c
Sha1:   243583d5d136a084da4977acb36697db09e820ec
Sha256: 76e6dbc8a42a29f76753211b6cfbd366c8a68f209b8375c0fa78c6ab35f0aae6
                                        
--- Request ---
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 216.58.211.130 ---
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 21 Nov 2017 02:11:43 GMT
Expires: Tue, 21 Nov 2017 02:11:43 GMT
Cache-Control: private, max-age=3600
Etag: 12776485510455936688
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 25030
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   25030
Md5:    a423860ceb2c8c77d8ebc0c53c42b973
Sha1:   7b7356f04ba4343658bcab5c173e0d4c1d01422c
Sha256: c510ba492b6ceb2602fcea7296eaff8c3ab3166b7f4297ae68dbf13c54e5869f
                                        
--- Request ---
GET /ajax/libs/modernizr/2.8.3/modernizr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 104.19.193.102 ---
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 21 Nov 2017 02:11:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:45:13 GMT
Expires: Sun, 11 Nov 2018 02:11:43 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3c101eb620d64285-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4519
Md5:    21cfb175896958e7a1a9e8942a88f820
Sha1:   d0ec333c6e991b3625d68ef5c5e30a48fe1e3144
Sha256: 8a23f0019df824cace58d3d58571dbc77b14f77e4c28016088982abbd77e272b
                                        
--- Request ---
GET /mobile/1.4.2/jquery.mobile-1.4.2.min.css HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 94.31.29.54 ---
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 21 Nov 2017 02:11:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 24 Oct 2014 00:16:08 GMT
Vary: Accept-Encoding
Etag: W/"54499a48-328a1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   32767
Md5:    4f10b551565211c9a87eb7ca435beee4
Sha1:   d498e7bb0bfd634016133a6f613bb66bbbc0cfc7
Sha256: 01cec745d7fd996eb336f6b5a5f0d154ec063922578b7c51157ad46cb6f11bc6
                                        
--- Request ---
GET /ajax/libs/jquery.cycle2/20140415/jquery.cycle2.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 104.19.193.102 ---
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 21 Nov 2017 02:11:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:42:31 GMT
Expires: Sun, 11 Nov 2018 02:11:43 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3c101eb6944b4261-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7150
Md5:    e95dc1bcf77da8fbc731abc51913e251
Sha1:   8c915d7d060b32e94991dde629ec7772961821b0
Sha256: 5221cfa3e7977dbc59fb582a2b1414bb83ae73c4c9d0e2b9bdc5421eb0e35006
                                        
--- Request ---
GET /ajax/libs/jquery.cycle2/20140415/jquery.cycle2.tile.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 104.19.193.102 ---
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 21 Nov 2017 02:11:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:42:31 GMT
Expires: Sun, 11 Nov 2018 02:11:43 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3c101eb6b0e84285-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   978
Md5:    70a22c307ef3229d748306e592ed9e01
Sha1:   f60e3451787d7a548d8808dd6930505740bd1cd9
Sha256: 19499fb417f66aeff38d25a6f5b3529b588f58a46c566caf7c527f0feada3a8d
                                        
--- Request ---
GET /ajax/libs/jquery.colorbox/1.4.33/jquery.colorbox-min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 104.19.193.102 ---
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 21 Nov 2017 02:11:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:42:31 GMT
Expires: Sun, 11 Nov 2018 02:11:43 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3c101eb6b34342bb-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4651
Md5:    b9838ba953e7eff9b931bb05b6d51ce6
Sha1:   b77c96102bb3a684777abfc9cb88d66313d491e4
Sha256: 747ec6ec91780db306479497a6c60a279bf1c6960a7e0986ad2f281f055d9c35
                                        
--- Request ---
GET /ajax/libs/screenfull.js/1.0.4/screenfull.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 104.19.193.102 ---
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 21 Nov 2017 02:11:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 20:08:13 GMT
Expires: Sun, 11 Nov 2018 02:11:43 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3c101eb6b0ea4285-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   707
Md5:    662a7cc493d6d2e7bc8eb9aff50340c7
Sha1:   ae1acae222c8c788be1ca1079a22b7070d861522
Sha256: f99a1f0a331f297f86637f9818bff0479f525754c2ab4913070a79bb58f0060b
                                        
--- Request ---
GET /ajax/libs/jquery/2.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 216.58.209.138 ---
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 29195
Date: Wed, 08 Nov 2017 11:01:43 GMT
Expires: Thu, 08 Nov 2018 11:01:43 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 1091400


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29195
Md5:    825b4e44e46e0e46af84b25923ea797b
Sha1:   d7ad05414c278ca96a4d7f1800f44045c6047c96
Sha256: 77373c11f0d99e87ab6cf5219075d87586ee389fefede612ee9195f537f4e1b8
                                        
--- Request ---
GET /ajax/libs/jqueryui/1.10.3/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 216.58.209.138 ---
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 60529
Date: Wed, 08 Nov 2017 10:54:32 GMT
Expires: Thu, 08 Nov 2018 10:54:32 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 1091831


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   60529
Md5:    080d164077f3f90fe031be2c373474c8
Sha1:   ba949c0a9e0bd212a0de05cb689193cde3314d9e
Sha256: cf8ffcb276542f9382df5f00b95d2441208ffd9421455f3b0590f3cd9a141084
                                        
--- Request ---
GET /images/signup/movies/l/available-formats-img.png HTTP/1.1
Host: www.4kmoviesclub.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 35.156.43.67 ---
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
Date: Tue, 21 Nov 2017 02:11:43 GMT
Etag: "5a0c7f60-b82"
Last-Modified: Wed, 15 Nov 2017 17:54:40 GMT
Server: nginx/1.11.9
Content-Length: 2946
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image, 628 x 42, 8-bit colormap, non-interlaced
Size:   2946
Md5:    9679cca761a6964804f5c43d8188371c
Sha1:   ef054b65065ece6d385c47e840eab570df683a52
Sha256: 0cecd63d1044fc5135a3d73522293aa9231ddf9976e183d688adb0c5a1cde7d5
                                        
--- Request ---
GET /css/style.css HTTP/1.1
Host: nbctvsports.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 198.54.116.231 ---
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 21 Nov 2017 02:11:43 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2017 00:37:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7343


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7343
Md5:    809cce9b687b0efc56002fb2706fb032
Sha1:   b527df45963f0163c98710c8b158e6142f4c2723
Sha256: 53d8ffb9001f8981afdd257a171201697ab0961933ebfe69677a15a508f2ce35
                                        
--- Request ---
GET /mobile/1.4.2/jquery.mobile-1.4.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 94.31.29.54 ---
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Date: Tue, 21 Nov 2017 02:11:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 24 Oct 2014 00:16:08 GMT
Vary: Accept-Encoding
Etag: W/"54499a48-2fc4b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public
Access-Control-Allow-Origin: *
Server: NetDNA-cache/2.2
X-Cache: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   66610
Md5:    01f0d0d0fe28d81a348d4546e481d7dc
Sha1:   cd3b5f3d9a7ec2ad0965fb1c2c54d97f0528ac1d
Sha256: d3193f0a1b99cc6f09ee5bbc0559f604d8a0392d82fba7a14cc46c7f5b04ccec
                                        
--- Request ---
GET /img/ncb.png HTTP/1.1
Host: nbctvsports.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 198.54.116.231 ---
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 Nov 2017 02:11:43 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2017 00:37:56 GMT
Accept-Ranges: bytes
Content-Length: 8933


--- Additional Info ---
Magic:  PNG image, 81 x 61, 8-bit/color RGBA, non-interlaced
Size:   8933
Md5:    f14e418a74ed3ee3f02dd8aea8709cc9
Sha1:   e62f7d22b804ac443e435fd1914672c37828f34d
Sha256: b7919ccd7a9bbed891d9cfc80bd528277153ac9d6af256db3520384bd2f65957
                                        
--- Request ---
GET /-jSNj4SUGyOI/VCWAJmyNbWI/AAAAAAAAAGE/oYIdSIcRWJQ/s1600/preloader9.gif HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/css/style.css

--- Response from 216.58.209.129 ---
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Expose-Headers: Content-Length
Etag: "v64"
Expires: Tue, 14 Nov 2017 17:51:07 GMT
Content-Disposition: inline;filename="preloader9.gif"
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Tue, 21 Nov 2017 01:50:57 GMT
Server: fife
Content-Length: 18123
X-XSS-Protection: 1; mode=block
Age: 1246
Cache-Control: public, max-age=86400, no-transform


--- Additional Info ---
Magic:  GIF image data, version 89a, 50 x 50
Size:   18123
Md5:    1144b02e3627d3ca802b2463a4e0aa7a
Sha1:   a67b069c18eaa471df14cabb0eb55d81f5da5d9f
Sha256: 77a10192bbf4648dd36f6dc9991f6884d2af3f984b2c7153489c21fe7998f6a1
                                        
--- Request ---
GET /s/ptsans/v9/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=PT+Sans
Origin: http://nbctvsports.tk

--- Response from 216.58.209.131 ---
HTTP/1.1 200 OK
Content-Type: font/woff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 54828
Date: Wed, 08 Nov 2017 10:30:58 GMT
Expires: Thu, 08 Nov 2018 10:30:58 GMT
Last-Modified: Wed, 11 Oct 2017 18:24:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 1093246


--- Additional Info ---
Magic:  data
Size:   54828
Md5:    399a9357b6e525fb4d8e2e2786df190e
Sha1:   482f94f6cb1920e748076a5086a4968c582103f1
Sha256: ecf0da3be76fa7f7f182c48385e7fa1ef9e60fb1cdf26e6c590feea15713b73a
                                        
--- Request ---
GET /ajax/libs/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.2.0/css/font-awesome.min.css
Origin: http://nbctvsports.tk

--- Response from 104.19.193.102 ---
HTTP/1.1 200 OK
Content-Type: application/font-woff
Date: Tue, 21 Nov 2017 02:11:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jun 2016 14:42:01 GMT
Expires: Sun, 11 Nov 2018 02:11:44 GMT
Cache-Control: public, max-age=30672000
Access-Control-Allow-Origin: *
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3c101eb7f3cc42a3-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   65481
Md5:    98ed914855202e74f649ddf2eab7bd7c
Sha1:   9fb7f8a1a8f3e75e49b20acfa7d3a6d655f3ab9a
Sha256: 72dd6f96459855c1f2e75ae9d80504f9459c9885aead3a50040bf9a6cd0cbf54
                                        
--- Request ---
GET /pagead/js/r20171113/r20170110/show_ads_impl.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

--- Response from 216.58.211.130 ---
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 21 Nov 2017 02:11:44 GMT
Expires: Tue, 21 Nov 2017 02:11:44 GMT
Cache-Control: private, max-age=1209600
Etag: 9903024058478159295
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67605
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   67605
Md5:    5d1d8e54568dda8a25c5f5eb9989d1c5
Sha1:   0ec0ecee99d71ab7a201308da1f51348e55e4a4b
Sha256: 551fccc36f19585daa10eb882367ecedee6b09f04629a46d9997dd0389053bb7

GET /js/scripts.js HTTP/1.1
Host: nbctvsports.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

198.54.116.231
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 21 Nov 2017 02:11:44 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2017 00:37:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1088


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1088
Md5:    0b67b118fd841d1cb3961bf2e08a6410
Sha1:   ece6910752a166b097379cdd245630cb2211e8af
Sha256: 20360938f6b37632698c70fe05ff6ce4ef64f25134c3310787d1c1029c6c8760

POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

216.58.209.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Nov 2017 02:11:44 GMT
Expires: Sat, 25 Nov 2017 02:11:44 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    876ac5497c687733709698c54fdf0e3f
Sha1:   a3d41e9880e301fd0b463ef3b022de737e4ee06d
Sha256: 65c1bd66261358c9306e09d3419d2822ce7d9b0aeedc7061ef21103123cbd6a0

GET /img/bg.jpg HTTP/1.1
Host: nbctvsports.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

198.54.116.231
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Tue, 21 Nov 2017 02:11:43 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2017 00:37:56 GMT
Accept-Ranges: bytes
Content-Length: 101318


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   101318
Md5:    7a6faf75376273daf800b8a4530e1eea
Sha1:   165f52193ddc269d54370786ba45f2d400751079
Sha256: 8da8ea808993c0a3fed1a0b440119567d3cb7e5d6b0df32397b8e78e26f222ff

Alerts:
  IDS:
    - ET POLICY HTTP Request to a *.tk domain

POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

216.58.209.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Nov 2017 02:11:44 GMT
Expires: Sat, 25 Nov 2017 02:11:44 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf

POST /ocsp HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

216.58.209.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Nov 2017 02:11:45 GMT
Expires: Sat, 25 Nov 2017 02:11:45 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    638bc0f8ce1894954fd04d9bc0f61b59
Sha1:   b70bfae5a299f6e27d977d4e2c51214927ef9120
Sha256: 0994e72fa37a8e90713e343d7b0cf4069755b23288d5829cee21a404a0858b41

POST / HTTP/1.1
Host: g.symcd.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=597804, public, no-transform, must-revalidate
Last-Modified: Tue, 21 Nov 2017 00:13:03 GMT
Expires: Tue, 28 Nov 2017 00:13:03 GMT
Date: Tue, 21 Nov 2017 02:11:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    5112333f315fd89eef0f972d7cc1f5ce
Sha1:   cc8f5aed733b4165b40caa993777fe8f7a50ebfb
Sha256: d86a3e6cc6de3add8ff4f1219c063675f9522111e3a8f0c5ce915ca1c8f533c3

POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

216.58.209.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Nov 2017 02:11:45 GMT
Expires: Sat, 25 Nov 2017 02:11:45 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    42573010d94ede71084463b57f9273ee
Sha1:   39ac8c63233b72ac941f9df03badd0e1bd29a344
Sha256: 2514af3449df91fab0a85c705af0126806fba466856ebf3ea547bd6a84689635

GET /adsid/integrator.js?domain=nbctvsports.tk HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

216.58.211.130
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Tue, 21 Nov 2017 02:11:45 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d

GET /pagead/html/r20171113/r20170110/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Thu, 16 Nov 2017 11:28:37 GMT
Expires: Thu, 30 Nov 2017 11:28:37 GMT
Etag: 1606340084474353950
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6793
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 398588
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6793
Md5:    b39f70164150f65acc6dd7bdf718d2bf
Sha1:   a4e19d0a569180d2df6e7904ad23db2b3dae3fef
Sha256: 471c43d7388186e24d2b7466fdf4c3c138bc5194322089bcb88872618d0b999e

GET /adsid/integrator.js?domain=nbctvsports.tk HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

216.58.211.130
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Tue, 21 Nov 2017 02:11:45 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d

GET /pagead/js/r20171113/r20170110/osd.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Thu, 16 Nov 2017 11:28:38 GMT
Expires: Thu, 30 Nov 2017 11:28:38 GMT
Etag: 14067721879039205164
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 29589
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 398587
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29589
Md5:    69abc46630003f406aa4005a9068ad9f
Sha1:   14f8ddf583e85276427104367c695dbcf107de42
Sha256: dd2f65553870c2f94bc64698cbf7c63583bb8c2bdb3fb9e0a7fb64255508b735

GET /pub-config/r20160913/ca-pub-3947544758169348.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 21 Nov 2017 02:11:45 GMT
Expires: Tue, 21 Nov 2017 14:11:45 GMT
Cache-Control: public, max-age=43200
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
Content-Length: 88
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   88
Md5:    447300cfe76a026545c27482e7ada077
Sha1:   995fa7efb4f9b8be29ea4c3c69a361e0a1f27ba1
Sha256: 994d8a1f3b94c1b503343b827ffd37a0a2a50015d48a054812591825cc305a40

GET /pagead/ads?client=ca-pub-3947544758169348&output=html&h=90&slotname=5378989502&adk=3592344650&adf=807048394&w=1176&fwrn=4&lmt=1511230303&loeid=38893312&rafmt=1&format=1176x90&url=http%3A%2F%2Fnbctvsports.tk%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=3&wgl=0&dt=1511230303756&bpp=14&fdt=28&idt=274&shv=r20171113&cbv=r20170110&saldr=aa&correlator=8575571125037&frm=20&ga_vid=1688679550.1511230305&ga_sid=1511230305&ga_hid=1037913170&ga_fc=0&pv=2&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=0&ady=1260&biw=1159&bih=754&abxe=1&eid=4089040%2C38893302%2C21061122%2C41667000&oid=3&nmo=1&zm=1.02&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7Cbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=1&dtd=795 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 21 Nov 2017 02:11:45 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 21-Nov-2017 02:26:45 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 21 Nov 2017 02:11:45 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   368
Md5:    49777a7c3ba702ee480fbc43fbc0e2d4
Sha1:   acb067e2891725bf3fc2155302ac8422dccb0f86
Sha256: 5554bd8518250b164372b5f3b9391d23a05024f52bdb1a2adcd92fce2f888ca1

GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

46.105.201.240
HTTP/1.1 200 OK
Content-Type: text/javascript
Date: Tue, 21 Nov 2017 02:07:14 GMT
Etag: "1262556565"
Last-Modified: Mon, 12 Jun 2017 15:26:33 GMT
Content-Length: 4243
Content-Encoding: gzip
Vary: Accept-Encoding
X-CDN-Pop: sbg
X-CDN-Pop-IP: 137.74.120.0/27
X-Cacheable: Matched cache
Accept-Ranges: bytes
X-IPLB-Instance: 4760


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   4243
Md5:    56bb73fb348426e693c0eaa9dd2abbc0
Sha1:   1ffbf180a67c8ed35ece4a432d9d6dacd16961f5
Sha256: f4f7ac364c5b2b15a517942786044905da98388284ddfb1302bf76bbf407b8a5

GET /stats/0.php?3942547&@f16&@g1&@h1&@i1&@j1511230305473&@k0&@l1&@mNBC%20Sports&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1176&@vhttp%3A%2F%2Fnbctvsports.tk%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

208.43.241.178
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Date: Tue, 21 Nov 2017 02:11:45 GMT
Content-Length: 377
Connection: close
Set-Cookie: CountUid=5930d1a6-62wv-4c79-a4e3-4019454e4a9d; domain=.histats.com; Max-Age=31536000; Expires=Wed, 21-Nov-2018 02:11:45 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   377
Md5:    a591f1753586053e662b09e65f7f486c
Sha1:   8076f19d8b57036afed609fbaa10c4ad1a1d2c55
Sha256: 228b0de25e3387c3ce7c37a38e2be677d1d040b405951acc0412ae48e44156cc

GET /e/?v=1a&pid=5200&site=1&l=http%3A%2F%2Fnbctvsports.tk%2F&j= HTTP/1.1
Host: e.dtscout.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

107.182.231.45
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 21 Nov 2017 02:11:46 GMT
Transfer-Encoding: chunked
Connection: close
X-Z: E
Set-Cookie: m=1; expires=Tue, 21-Nov-2017 02:41:46 GMT; Max-Age=1800; path=/; domain=dtscout.com
Set-Cookie: b=1; expires=Tue, 21-Nov-2017 10:11:46 GMT; Max-Age=28800; path=/; domain=dtscout.com
Set-Cookie: ey=1; expires=Tue, 21-Nov-2017 06:11:46 GMT; Max-Age=14400; path=/; domain=dtscout.com
Set-Cookie: ah=1; expires=Wed, 22-Nov-2017 02:11:46 GMT; Max-Age=86400; path=/; domain=dtscout.com
Set-Cookie: df=1511230306; expires=Thu, 21-Nov-2019 02:11:46 GMT; Max-Age=63072000; path=/; domain=dtscout.com
Set-Cookie: d=null; expires=Sun, 20-Nov-2022 02:11:46 GMT; Max-Age=157680000; path=/; domain=dtscout.com
Set-Cookie: l=a7bnLVoTi2K03S2vWpk/Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.dtscout.com; path=/
Expires: Tue, 21 Nov 2017 02:11:45 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   3753
Md5:    7c9e4cf17de6bd1fab81a09f7364d696
Sha1:   8d0cf84c21bae3dd4fb467ebe1d0b65f9970ef5f
Sha256: fd59221be4565455898299ead9847f328528b5448eae372980995b05b37a2cb0

GET /img/ncbhd.png HTTP/1.1
Host: nbctvsports.tk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nbctvsports.tk/

198.54.116.231
HTTP/1.1 200 OK
Content-Type: image/png
Date: Tue, 21 Nov 2017 02:11:43 GMT
Server: Apache
Last-Modified: Thu, 16 Nov 2017 00:37:56 GMT
Accept-Ranges: bytes
Content-Length: 189216


--- Additional Info ---
Magic:  PNG image, 432 x 324, 8-bit/color RGBA, non-interlaced
Size:   189216
Md5:    05467a8217d4469f6a145ed06b9cfb2e
Sha1:   5bc54719f651e8a850e1653510f8fbaedf77f81b
Sha256: ecb97fbf31b0ff20736a26fc3593057b5de27176ade4d5e9a99ae55ff65c16ca

Alerts:
  IDS:
    - ET POLICY HTTP Request to a *.tk domain

GET /ndl2.0/images/sportscenter.gif HTTP/1.1
Host: www.onlinedynasty.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

0.0.0.0


--- Additional Info ---