Overview

URL clevel17.fabpage.com/bend-2z/marylan6y.html
IP 64.136.20.37
ASN AS13446 Netzero,INC.
Location United States
Report completed 2017-08-12 22:54:57 CEST
urlQuery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2017-08-12 22:54:22 CEST 2  64.136.20.38 Client IP ET WEB_CLIENT Hex Obfuscation of document.write % Encoding


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 64.136.20.37

Date  UQ / IDS / BL  URL  IP
2017-08-20 12:37:25 +0200  0 - 1 - 0  alfrets.gobot.com/georr/rickdu170.html  64.136.20.37
2017-08-18 17:39:37 +0200  0 - 1 - 0  easysck5.iceryder.net/mcc/halloween-hhd.html  64.136.20.37
2017-08-18 14:47:44 +0200  0 - 1 - 5  apoemgsu.3dup.net/lovept/slow-sv.html  64.136.20.37
2017-08-18 09:42:25 +0200  0 - 1 - 0  gkiasknr.1hwy.com/patrir/robert953.html  64.136.20.37
2017-08-18 00:31:18 +0200  0 - 1 - 0  tvalen721.jufreeservers.com/avatae/  64.136.20.37
2017-07-28 15:03:05 +0200  0 - 1 - 0  gopet500.gobot.com/kenda/holly40.html  64.136.20.37
2017-07-26 18:41:20 +0200  0 - 0 - 4  bizarrup.reunionwatch.com/inflatz/road-kill-c (...)  64.136.20.37
2017-07-24 17:11:53 +0200  0 - 1 - 0  vqo983kio.1colony.com/gilett/casac705.html  64.136.20.37
2017-07-24 06:50:01 +0200  0 - 0 - 4  guhajuysyqob.1hwy.com/  64.136.20.37
2017-07-23 11:39:04 +0200  0 - 1 - 0  whitegef.1hwy.com/allerv1/pulp.html  64.136.20.37

Last 10 reports on ASN: AS13446 Netzero,INC.

Date  UQ / IDS / BL  URL  IP
2017-08-20 21:31:35 +0200  0 - 0 - 4  turbobier.itgo.com/  64.136.20.43
2017-08-20 12:37:25 +0200  0 - 1 - 0  alfrets.gobot.com/georr/rickdu170.html  64.136.20.37
2017-08-19 11:27:16 +0200  0 - 1 - 4  grekiol0.gqnu.net/dgtet/squibte732.html  64.136.20.36
2017-08-19 10:58:21 +0200  0 - 1 - 0  pebhtgre.00song.com/chri/freech263.html  64.136.20.31
2017-08-18 20:09:32 +0200  0 - 0 - 0  gingermarr.com  64.136.20.38
2017-08-18 18:33:55 +0200  0 - 1 - 0  patric5l.itgo.com/patfz/patrick-gergyp.html  64.136.20.43
2017-08-18 17:58:03 +0200  0 - 1 - 0  costumes.mystarship.com/adu9/darna-coiz.html  64.136.20.44
2017-08-18 17:39:37 +0200  0 - 1 - 0  easysck5.iceryder.net/mcc/halloween-hhd.html  64.136.20.37
2017-08-18 14:47:44 +0200  0 - 1 - 5  apoemgsu.3dup.net/lovept/slow-sv.html  64.136.20.37
2017-08-18 14:08:52 +0200  0 - 1 - 0  raadva24.00author.com/freelb/fec.html  64.136.20.41

No other reports on domain: .



JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 1658, repeated: 1) - SHA256: 728eda9bc207e908102280fcf20c24e2b91f615bd0c36d2b9337dfd04e626ac5

<!DOCTYPE html><html><head><title>OpenX</title><base target='_top'/></head><body style='margin:0;padding:0'><div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http://uol-d.openx.net/w/1.0/rr?ts=1fHU9MXxyaWQ9ZGMxYzU1ODUtZjNhMC00NWNiLWFmMDktY2ZhNjRmNzUzYjM1fHJ0PTE1MDI1NzEyNjN8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD1iNjFmOTNiNy1jZWFjLTQ0OTEtOWI2Ny0xYzE0YWU0ZmRmMDh8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1QNXRhaklXWkV4'/></div><script type='text/javascript'>(function() {
    var spoutjs = document.createElement('script'),
        firstjs = document.getElementsByTagName('script')[0];
    spoutjs.async = 1;
    spoutjs.src = '//cdn.spoutable.com/ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js';
    firstjs.parentNode.insertBefore(spoutjs, firstjs)
})();</script><div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http://uol-d.openx.net/w/1.0/ri?ts=1fHU9MXxyaWQ9ZGMxYzU1ODUtZjNhMC00NWNiLWFmMDktY2ZhNjRmNzUzYjM1fHJ0PTE1MDI1NzEyNjN8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD1iNjFmOTNiNy1jZWFjLTQ0OTEtOWI2Ny0xYzE0YWU0ZmRmMDh8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1QNXRhaklXWkV4'/></div></body></html>
                                    


HTTP Transactions (21)


Request Response
                                        
                                            GET /w/1.0/jstag HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Vary: Accept-Encoding
Server: OXGW/11.107.1
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Sat, 12 Aug 2017 21:54:22 GMT
Date: Sat, 12 Aug 2017 20:54:22 GMT
Content-Length: 17294
Content-Encoding: gzip
Cache-Control: max-age=3600


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17294
Md5:    600e3240a11be154ea28a52b2af0889b
Sha1:   4fe4ee862452cb9c63fb74eb4c516b7265f86d46
Sha256: 72ac130c773169b2cb8ecc60281ee496b6773523bf016ff75889637841b0ab45
                                        
                                            GET /bend-2z/marylan6y.html HTTP/1.1 
Host: clevel17.fabpage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         64.136.20.38
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sat, 12 Aug 2017 20:54:21 GMT
Server: .V08 Apache
Filter-Revision: 1.220
Last-Modified: Sun Aug 26 17:53:27 2012 GMT
Content-Length: 17335
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive
X-Pad: avoid browser bug


--- Additional Info ---
Magic:  XML document text
Size:   17335
Md5:    8e71d2d4acd59517ef5663ae18cd32a3
Sha1:   fb447c56f4a15d5a5cff2a9f89a782c678da789d
Sha256: 676b1234284678f4d86161c0ee5c3c3c1b13020d30c98aad32dad5ef8683f342

Alerts:
  IDS:
    - ET WEB_CLIENT Hex Obfuscation of document.write % Encoding
                                        
                                            GET /files/gallery.css HTTP/1.1 
Host: clevel17.fabpage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html

                                         
                                         64.136.20.38
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 12 Aug 2017 20:54:22 GMT
Server: .V08 Apache
Last-Modified: Sun, 26 Aug 2012 17:40:27 GMT
Etag: "2d53084-686-503a5f8b"
Accept-Ranges: bytes
Content-Length: 1670
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   1670
Md5:    0eae661e71b7cc81ee1abe99f52b4e4c
Sha1:   35fa82c80fa754f250bfc1ac71d17ab874c6ca76
Sha256: 7b35ab2409244c9e12cf14ac45484de62963b9ffbfc5e83e712b43f02f24960b
                                        
                                            GET /cgi-bin/image/images/bannertype/100X22.gif HTTP/1.1 
Host: clevel17.fabpage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html

                                         
                                         64.136.20.38
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sat, 12 Aug 2017 20:54:22 GMT
Server: .V08 Apache
Last-Modified: Sun, 05 Aug 2001 22:12:35 GMT
Content-Length: 2428
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 22
Size:   2428
Md5:    b8aea459d039d6ccb16b9ce35462fd25
Sha1:   e5de22cf199ba88c3b1ef922912ecdcfeb1ae11e
Sha256: 27969e1dfb1ddbdebd099fab5f930bdfc26808a95efd3b8b0b70393301d7cff7
                                        
                                            GET /files/style.css HTTP/1.1 
Host: clevel17.fabpage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html

                                         
                                         64.136.20.38
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sat, 12 Aug 2017 20:54:22 GMT
Server: .V08 Apache
Last-Modified: Sun, 26 Aug 2012 17:40:10 GMT
Etag: "2d5307a-669a-503a5f7a"
Accept-Ranges: bytes
Content-Length: 26266
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with very long lines, with CRLF line terminators
Size:   26266
Md5:    a23ea2d167d3dc0ee608980807083550
Sha1:   7350e464442998b1c8585b440eb0df1492a9ca84
Sha256: 81eeeac585fa2e6a58157fb7783379b69dbd3e51f2c10a2eb01dc03ee6139ee5
                                        
                                            GET /files/bg.png HTTP/1.1 
Host: clevel17.fabpage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/files/style.css

                                         
                                         64.136.20.38
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sat, 12 Aug 2017 20:54:22 GMT
Server: .V08 Apache
Last-Modified: Sun, 26 Aug 2012 17:40:14 GMT
Etag: "2d5307c-399-503a5f7e"
Accept-Ranges: bytes
Content-Length: 921
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 38 x 150, 8-bit colormap, non-interlaced
Size:   921
Md5:    30a5cb14d3ab99bae7c6dcdca9933ed8
Sha1:   fc0b8c5e25528dddce21ddae60e54011d5793c47
Sha256: 455de06b63637aaf5ad86d385dc768107ebaccc83573f6b801df7e69a1e2503b
                                        
                                            GET /w/1.0/acj?ai=2817dabd-b066-4ecf-ae94-1bcfe1e3ca25&o=9938865523&callback=OX_9938865523&ju=http%3A//clevel17.fabpage.com/bend-2z/marylan6y.html&jr=&auid=538771292&dims=1176x754&adxy=12%2C51&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=UTF-8&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html

                                         
                                         173.241.240.220
HTTP/1.1 302 Moved Temporarily
                                        
Set-Cookie: i=60569415-4f10-0cae-24eb-b0f108c9b9fa|1502571263; Version=1; Expires=Sun, 12-Aug-2018 20:54:23 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.107.1
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://uol-d.openx.net/w/1.0/acj?cc=1&ai=2817dabd-b066-4ecf-ae94-1bcfe1e3ca25&o=9938865523&callback=OX_9938865523&ju=http%3A//clevel17.fabpage.com/bend-2z/marylan6y.html&jr=&auid=538771292&dims=1176x754&adxy=12%2C51&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=UTF-8&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1
Date: Sat, 12 Aug 2017 20:54:23 GMT
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /w/1.0/acj?cc=1&ai=2817dabd-b066-4ecf-ae94-1bcfe1e3ca25&o=9938865523&callback=OX_9938865523&ju=http%3A//clevel17.fabpage.com/bend-2z/marylan6y.html&jr=&auid=538771292&dims=1176x754&adxy=12%2C51&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=UTF-8&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html
Cookie: i=60569415-4f10-0cae-24eb-b0f108c9b9fa|1502571263

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Vary: Accept
Set-Cookie: i=60569415-4f10-0cae-24eb-b0f108c9b9fa|1502571263; Version=1; Expires=Sun, 12-Aug-2018 20:54:23 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.107.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sat, 12 Aug 2017 20:54:23 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   1006
Md5:    3210bbffd17a109cf6236fd849ff23e2
Sha1:   414043d6c139c0f2c5e2f3be5e32d0ad0a3db819
Sha256: 6e67b6a50005274b7a2e064e21d63bd7f48451002f3e0f882c48ca2e52059914
                                        
                                            GET /w/1.0/ri?ts=1fHU9MXxyaWQ9ZGMxYzU1ODUtZjNhMC00NWNiLWFmMDktY2ZhNjRmNzUzYjM1fHJ0PTE1MDI1NzEyNjN8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD1iNjFmOTNiNy1jZWFjLTQ0OTEtOWI2Ny0xYzE0YWU0ZmRmMDh8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1QNXRhaklXWkV4 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html
Cookie: i=60569415-4f10-0cae-24eb-b0f108c9b9fa|1502571263

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: OXGW/11.107.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sat, 12 Aug 2017 20:54:23 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /w/1.0/rr?ts=1fHU9MXxyaWQ9ZGMxYzU1ODUtZjNhMC00NWNiLWFmMDktY2ZhNjRmNzUzYjM1fHJ0PTE1MDI1NzEyNjN8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD1iNjFmOTNiNy1jZWFjLTQ0OTEtOWI2Ny0xYzE0YWU0ZmRmMDh8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1QNXRhaklXWkV4 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html
Cookie: i=60569415-4f10-0cae-24eb-b0f108c9b9fa|1502571263

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: OXGW/11.107.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sat, 12 Aug 2017 20:54:23 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /fs_img/js/set_homepage.js HTTP/1.1 
Host: clevel17.fabpage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html
Cookie: OX_ssn=6091326179; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.38
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sat, 12 Aug 2017 20:54:23 GMT
Server: .V08 Apache
Last-Modified: Thu, 25 Jun 2009 09:12:35 GMT
Etag: "24e64-6cb-4a433f83"
Accept-Ranges: bytes
Content-Length: 1739
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   1739
Md5:    65d1bd2fb6b2997618d4487d7f0c458b
Sha1:   e176f2620fb4c3b22e8877d0770f68bed8e1421f
Sha256: 24fcc4b766d9485b2e8276c0fd71fb9f129b0e2fbc90e073afbe8a7cbd3b199b
                                        
                                            GET /ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js HTTP/1.1 
Host: cdn.spoutable.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html

                                         
                                         104.20.69.222
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sat, 12 Aug 2017 20:54:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d98337f89faadb7d75732a2be53e68d531502571263; expires=Sun, 12-Aug-18 20:54:23 GMT; path=/; domain=.spoutable.com; HttpOnly
x-amz-id-2: ZXHt4Tjg+rFHKSNBg8Qvr2xYbcqkvk5GMY8cZyVEBkl9ck4xr30N8MQN3oyak0Y1Foq3KzgtQ1E=
x-amz-request-id: 1A1D68D94A395EE0
Last-Modified: Sat, 12 Aug 2017 16:08:02 GMT
Etag: W/"55e3bd8aae6e3f8dfec6a30c6c00df80"
CF-Cache-Status: REVALIDATED
Vary: Accept-Encoding
Expires: Sat, 12 Aug 2017 22:54:24 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38d6545f377a42bb-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   830
Md5:    b93008db770708b345cf417cd87ab743
Sha1:   e47c0545c14b0c623064a6d0f967e85d596c1492
Sha256: f46788bdde3c0d172ac8b827d987d1b287d502a4f6f210dbd9239741081c2490
                                        
                                            GET /fs_img/js/overlay.js HTTP/1.1 
Host: clevel17.fabpage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html
Cookie: OX_ssn=6091326179; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.38
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sat, 12 Aug 2017 20:54:23 GMT
Server: .V08 Apache
Last-Modified: Thu, 27 Aug 2009 10:08:37 GMT
Etag: "24e60-1952-4a965b25"
Accept-Ranges: bytes
Content-Length: 6482
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   6482
Md5:    85f8bd82370a634fcb8f5aca3e407395
Sha1:   4065a0ff47a5b4f01df8c90adaa7a6781b4087c3
Sha256: 0c33d70a8a30833d45c2217aeaf8691b17d54c70c136593bf03f7b68109b84ed
                                        
                                            GET /fs_img/js/pt.js HTTP/1.1 
Host: clevel17.fabpage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html
Cookie: OX_ssn=6091326179; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.38
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sat, 12 Aug 2017 20:54:23 GMT
Server: .V08 Apache
Last-Modified: Tue, 23 Dec 2008 06:18:16 GMT
Etag: "24e63-133c-495082a8"
Accept-Ranges: bytes
Content-Length: 4924
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   4924
Md5:    5a579305a5ed446e5d235fdf055af4df
Sha1:   460970478d97e27013664cca14b24b312db5e837
Sha256: b7869a1ad7f1eec802fdbd1018fa315b26b3c92a13db66c9044dad80a8fc5b2f
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Sat, 12 Aug 2017 19:04:09 GMT
Expires: Sat, 12 Aug 2017 21:04:09 GMT
Last-Modified: Tue, 01 Aug 2017 03:25:32 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 16022
Cache-Control: public, max-age=7200
Age: 6615


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16022
Md5:    09889dfa1a6bf800507b7a6799c45901
Sha1:   51b1c3f117a0874b6e5ea58bf9e8863c918db4aa
Sha256: 1c92948832be823e16d40195f5f66135368b5cb3f8a7833c3e25f558f16fecfb
                                        
                                            GET /r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1325428362&utmhn=clevel17.fabpage.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Maryland%20I%20Football%20Formation&utmhid=571243806&utmr=-&utmp=%2Fbend-2z%2Fmarylan6y.html&utmht=1502571264494&utmac=UA-4601892-10&utmcc=__utma%3D1.2132108819.1502571264.1502571264.1502571264.1%3B%2B__utmz%3D1.1502571264.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=345551380&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Sat, 12 Aug 2017 20:54:24 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909 HTTP/1.1 
Host: us-u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://clevel17.fabpage.com/bend-2z/marylan6y.html
Cookie: i=60569415-4f10-0cae-24eb-b0f108c9b9fa|1502571263

                                         
                                         173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Vary: Accept
Set-Cookie: i=60569415-4f10-0cae-24eb-b0f108c9b9fa|1502571263; Version=1; Expires=Sun, 12-Aug-2018 20:54:24 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1502571264|9D; Version=1; Expires=Sun, 27-Aug-2017 20:54:24 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server: OXGW/11.107.1
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Sat, 12 Aug 2017 20:54:24 GMT
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   144
Md5:    0ee3d1ec9516bf623a4f9f4fe1ac0de7
Sha1:   1137f814defa2d841e3e419ae46f88421ea0d1f2
Sha256: 51a1db175deb1e8e69f4e16f07fe08c2760aa1241ab979f08c9c4cb6e79892d0
                                        
                                            GET /pixel?google_nid=openx&google_cm&google_sc HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909

                                         
                                         216.58.209.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
Date: Sat, 12 Aug 2017 20:54:24 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 292
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Sat, 12-Aug-2017 21:09:24 GMT; path=/; domain=.doubleclick.net


--- Additional Info ---
Magic:  HTML document text
Size:   292
Md5:    b6e453661d0ddf68898fe6de8bf77403
Sha1:   b5ada9403c9838f483e1ab74f2b4ac290bc5e26e
Sha256: 0cebcca4b12681a67614eb3055af0918df4f03b11d0ec0394a4c39e13d791829
                                        
                                            GET /pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909
Cookie: test_cookie=CheckForPermission

                                         
                                         216.58.209.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED7l8zJPXanVJVvNhTxoIk0&google_cver=1
Date: Sat, 12 Aug 2017 20:54:24 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 294
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUkuU0Y-9WqLu8MlEvQmlR3b2THMU-1VnXxW8wzzzj1EouC6Ix5pYw; expires=Mon, 12-Aug-2019 20:54:24 GMT; path=/; domain=.doubleclick.net; HttpOnly


--- Additional Info ---
Magic:  HTML document text
Size:   294
Md5:    2bcac732a5c88c1e88dfa193615c87d4
Sha1:   6824509acf998352ce4e97526913e61a1c10ae70
Sha256: 0f1cc868e0d94decf9cb255a3ae9f599b0cc498a91f0a3e420763248d4d078ab
                                        
                                            GET /w/1.0/sd?id=537072991&val=CAESED7l8zJPXanVJVvNhTxoIk0&google_cver=1 HTTP/1.1 
Host: us-u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909
Cookie: i=60569415-4f10-0cae-24eb-b0f108c9b9fa|1502571263; pd=v2|1502571264|9D

                                         
                                         173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Vary: Accept
Server: OXGW/11.107.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sat, 12 Aug 2017 20:54:24 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   451
Md5:    09e924d6899e8c667025e01aa38f6a27
Sha1:   d59e8737ce038cd31fd2b38d506645868975a9a7
Sha256: 623f8c91ee3c4b49575352f7702e9368120866fb7068b5cf0ec8a8c429edcaf7
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: clevel17.fabpage.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: OX_ssn=6091326179; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm; __utma=1.2132108819.1502571264.1502571264.1502571264.1; __utmb=1.1.10.1502571264; __utmc=1; __utmz=1.1502571264.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
                                         64.136.20.38
HTTP/1.1 200 Special Default
Content-Type: image/gif
                                        
Date: Sat, 12 Aug 2017 20:54:24 GMT
Server: .V08 Apache
Last-Modified: Wed, 27 Jul 2011 09:23:13 GMT
Content-Length: 1406
Keep-Alive: timeout=999999, max=999998
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1406
Md5:    d009cced4ed43383291700a3b7a18f86
Sha1:   eff142aafd81e111c728ccf1f1df36cf1c244dce
Sha256: 748f652b4067e9b431761049ae7e3b77e5cf4d3042b2cd7a3b5da379d95d8dab