Overview

URL johnracg.mystarship.com/lancaer/univr5.html
IP 64.136.20.44
ASN AS13446 Netzero,INC.
Location United States
Report completed 2017-08-10 19:05:20 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2017-08-10 19:04:45 CEST 2  64.136.20.44 Client IP ET WEB_CLIENT Hex Obfuscation of document.write % Encoding


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-08-10 2 johnracg.mystarship.com/lancaer/univr5.html Malware
2017-08-10 2 johnracg.mystarship.com/fs_img/js/set_homepage.js Malware
2017-08-10 2 johnracg.mystarship.com/fs_img/js/pt.js Malware
2017-08-10 2 johnracg.mystarship.com/fs_img/js/overlay.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 64.136.20.44

Date | UQ / IDS / BL | URL | IP
2017-11-29 01:52:50 +0100 | 0 - 1 - 0 | www.climatsd.mystarship.com/crockv5/reynolab.html | 64.136.20.44
2017-11-25 14:54:48 +0100 | 0 - 1 - 0 | nazmase.00trek.com/easen/februar1137.html | 64.136.20.44
2017-11-25 10:26:22 +0100 | 0 - 1 - 4 | carving.mystarship.com/pukcz/bud-murray-wood- (...) | 64.136.20.44
2017-11-19 12:29:35 +0100 | 0 - 1 - 0 | colori78.00go.com/prrj/why-was-halloween-i1a.html | 64.136.20.44
2017-11-06 04:54:07 +0100 | 0 - 0 - 4 | rolloweeksfanpage.20m.com/photo3.html | 64.136.20.44
2017-10-26 13:59:58 +0200 | 0 - 1 - 0 | begtyh3y.00trek.com/gian/penelop191.html | 64.136.20.44
2017-10-20 07:56:31 +0200 | 0 - 1 - 4 | carving.mystarship.com/afrim6/dora-and97.html | 64.136.20.44
2017-10-13 11:09:45 +0200 | 0 - 1 - 0 | peanutv9.mystarship.com/pausi/thanksgyj.html | 64.136.20.44
2017-10-05 16:58:31 +0200 | 0 - 1 - 0 | catalifd.faithweb.com/sebalt/boone-hall-farnp.html | 64.136.20.44
2017-09-18 15:32:56 +0200 | 2 - 0 - 0 | liberserat.faithweb.com/individualki-zakazat- (...) | 64.136.20.44

Last 10 reports on ASN: AS13446 Netzero,INC.

Date | UQ / IDS / BL | URL | IP
2017-12-07 17:00:03 +0100 | 0 - 0 - 11 | demongomez1.50megs.com/mamiclub.htm | 64.136.20.35
2017-12-06 11:34:43 +0100 | 0 - 1 - 0 | santaril.iceryder.net/wss/royal-santa-lightos.html | 64.136.20.37
2017-12-05 17:20:13 +0100 | 0 - 1 - 0 | dereck45.fanspace.com/distc/wme.html | 64.136.20.31
2017-12-04 12:40:43 +0100 | 0 - 0 - 1 | lvmummer.mysite.com/ | 64.136.20.37
2017-12-03 10:09:02 +0100 | 0 - 1 - 0 | internfe.cz28.com/bee8/paula-deen27s-turk84.html | 64.136.20.37
2017-12-02 21:33:13 +0100 | 2 - 0 - 0 | maisetingho.tvheaven.com/zhitomir-seks-uslugi (...) | 64.136.20.39
2017-12-02 14:39:26 +0100 | 0 - 1 - 0 | ymadrfer.3dup.net/roal/qashome302.html | 64.136.20.37
2017-12-01 16:20:25 +0100 | 0 - 1 - 0 | patricmv.freewebspace.com/ton/fully-cooked-tu (...) | 64.136.20.42
2017-12-01 14:55:00 +0100 | 0 - 1 - 0 | timene69.htmlplanet.com/b8j/walmart9j.html | 64.136.20.31
2017-11-30 14:37:04 +0100 | 0 - 0 - 0 | thirdpartyoffers.juno.com/TGL3141/5a1b6b6e474 (...) | 64.136.45.215

No other reports on domain: .



JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 1658, repeated: 1) - SHA256: 547aa616db6f2b610064673c3edeee7f0f2dcc676ab6e5140f7dd7f84b299272

<!DOCTYPE html><html><head><title>OpenX</title><base target='_top'/></head><body style='margin:0;padding:0'>
<div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http://uol-d.openx.net/w/1.0/rr?ts=1fHU9MXxyaWQ9YjU0NjM4NmUtMTUyZC00YjljLWE2YmItYmYwYjMyNTdlZmI3fHJ0PTE1MDIzODQ2ODd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0wMWI2MzY1Zi03OTYwLTRmZTUtOTAwYi01MmQzMzM1YmRlNmV8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1idWFJWHJReGh5'/></div>
<script type='text/javascript'>(function() {
    var spoutjs = document.createElement('script'),
        firstjs = document.getElementsByTagName('script')[0];
    spoutjs.async = 1;
    spoutjs.src = '//cdn.spoutable.com/ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js';
    firstjs.parentNode.insertBefore(spoutjs, firstjs)
})();</script>
<div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http://uol-d.openx.net/w/1.0/ri?ts=1fHU9MXxyaWQ9YjU0NjM4NmUtMTUyZC00YjljLWE2YmItYmYwYjMyNTdlZmI3fHJ0PTE1MDIzODQ2ODd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0wMWI2MzY1Zi03OTYwLTRmZTUtOTAwYi01MmQzMzM1YmRlNmV8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1idWFJWHJReGh5'/></div></body></html>
                                    


HTTP Transactions (22)


Request Response
                                        
                                            GET /lancaer/univr5.html HTTP/1.1 
Host: johnracg.mystarship.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Thu, 10 Aug 2017 17:04:45 GMT
Server: .V04 Apache
Filter-Revision: 1.220
Last-Modified: Mon Sep 12 23:58:39 2011 GMT
Content-Length: 18166
Keep-Alive: timeout=999999, max=999993
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   18166
Md5:    73d64a142191c8915a209f45abeed0df
Sha1:   36c29827b36eb120d4285cc2804e4ad4fa5c8dd5
Sha256: 37b0e8f54322f0547f8728fc9a7f793aae5e3a39fa380674efc9fc2cdf30f203

Alerts:
  Blacklists:
    - fortinet: Malware
  IDS:
    - ET WEB_CLIENT Hex Obfuscation of document.write % Encoding
                                        
                                            GET /w/1.0/jstag HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Vary: Accept-Encoding
Server: OXGW/11.107.1
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Thu, 10 Aug 2017 18:04:46 GMT
Date: Thu, 10 Aug 2017 17:04:46 GMT
Content-Length: 17296
Content-Encoding: gzip
Cache-Control: max-age=3600


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17296
Md5:    c8aea19bcade393a8773189521cb0f87
Sha1:   18fc9c43ba23d7be3cc4118279444a2f695551d1
Sha256: fde76ef80e1951a640baf5d5e5cbc98488849bc4e16b460ab714071f81261dc0
                                        
                                            GET /cgi-bin/image/images/bannertype/100X22.gif HTTP/1.1 
Host: johnracg.mystarship.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 10 Aug 2017 17:04:46 GMT
Server: .V04 Apache
Last-Modified: Thu, 20 Jan 2005 08:13:37 GMT
Content-Length: 1378
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 87a, 100 x 22
Size:   1378
Md5:    a2f2d931253c88f8147db9847f8dab8c
Sha1:   3946b9fa87c9d2396954ee6e9ebfa2ab7acdd35f
Sha256: f43f58d206a8d84f58e9eec3be4c0b3c50462954dcf860be71a869969bdad216
                                        
                                            GET /files/podpress.css HTTP/1.1 
Host: johnracg.mystarship.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 10 Aug 2017 17:04:46 GMT
Server: .V04 Apache
Last-Modified: Mon, 12 Sep 2011 23:40:25 GMT
Etag: "2098ed9-f0b-4e6e9869"
Accept-Ranges: bytes
Content-Length: 3851
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text
Size:   3851
Md5:    570c43c31a089783c4fbb3b64a7c9864
Sha1:   76a570266ce0f9177288613aa196236e3d35c072
Sha256: 1e2423287aa14b93026f5aead9c71ff8e06278e2fa815733cd92afc2b0d0d519
                                        
                                            GET /files/style.css HTTP/1.1 
Host: johnracg.mystarship.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 10 Aug 2017 17:04:45 GMT
Server: .V04 Apache
Last-Modified: Mon, 12 Sep 2011 23:40:35 GMT
Etag: "2098ede-47de-4e6e9873"
Accept-Ranges: bytes
Content-Length: 18398
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   18398
Md5:    dd453eb744a1680f561f82722d4449ab
Sha1:   3d04fbec0f744401d54b21ed7d35cab6fa0d1607
Sha256: ba874c885d4d3efa6d75dae6dd3ce1bb970d44f1c860f6777867e799d3b7fd1d
                                        
                                            GET /fs_img/js/set_homepage.js HTTP/1.1 
Host: johnracg.mystarship.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Thu, 10 Aug 2017 17:04:46 GMT
Server: .V04 Apache
Last-Modified: Thu, 25 Jun 2009 09:12:35 GMT
Etag: "2ea18-6cb-4a433f83"
Accept-Ranges: bytes
Content-Length: 1739
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   1739
Md5:    65d1bd2fb6b2997618d4487d7f0c458b
Sha1:   e176f2620fb4c3b22e8877d0770f68bed8e1421f
Sha256: 24fcc4b766d9485b2e8276c0fd71fb9f129b0e2fbc90e073afbe8a7cbd3b199b

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /fs_img/js/pt.js HTTP/1.1 
Host: johnracg.mystarship.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Thu, 10 Aug 2017 17:04:46 GMT
Server: .V04 Apache
Last-Modified: Tue, 23 Dec 2008 06:18:16 GMT
Etag: "2ea17-133c-495082a8"
Accept-Ranges: bytes
Content-Length: 4924
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   4924
Md5:    5a579305a5ed446e5d235fdf055af4df
Sha1:   460970478d97e27013664cca14b24b312db5e837
Sha256: b7869a1ad7f1eec802fdbd1018fa315b26b3c92a13db66c9044dad80a8fc5b2f

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /fs_img/js/overlay.js HTTP/1.1 
Host: johnracg.mystarship.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Thu, 10 Aug 2017 17:04:46 GMT
Server: .V04 Apache
Last-Modified: Thu, 27 Aug 2009 10:08:37 GMT
Etag: "2ea14-1952-4a965b25"
Accept-Ranges: bytes
Content-Length: 6482
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   6482
Md5:    85f8bd82370a634fcb8f5aca3e407395
Sha1:   4065a0ff47a5b4f01df8c90adaa7a6781b4087c3
Sha256: 0c33d70a8a30833d45c2217aeaf8691b17d54c70c136593bf03f7b68109b84ed

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /w/1.0/acj?ai=cb6f0bb8-fcb5-44f1-853b-b5291dfc5a5b&o=2502576315&callback=OX_2502576315&ju=http%3A//johnracg.mystarship.com/lancaer/univr5.html&jr=&auid=538771292&dims=1176x754&adxy=588%2C37&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=UTF-8&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         173.241.240.220
HTTP/1.1 302 Moved Temporarily
                                        
Set-Cookie: i=9d918f79-24dd-0d6a-35b7-ab1a6b0b7cfa|1502384687; Version=1; Expires=Fri, 10-Aug-2018 17:04:47 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.107.1
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://uol-d.openx.net/w/1.0/acj?cc=1&ai=cb6f0bb8-fcb5-44f1-853b-b5291dfc5a5b&o=2502576315&callback=OX_2502576315&ju=http%3A//johnracg.mystarship.com/lancaer/univr5.html&jr=&auid=538771292&dims=1176x754&adxy=588%2C37&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=UTF-8&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1
Date: Thu, 10 Aug 2017 17:04:47 GMT
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /w/1.0/acj?cc=1&ai=cb6f0bb8-fcb5-44f1-853b-b5291dfc5a5b&o=2502576315&callback=OX_2502576315&ju=http%3A//johnracg.mystarship.com/lancaer/univr5.html&jr=&auid=538771292&dims=1176x754&adxy=588%2C37&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=UTF-8&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html
Cookie: i=9d918f79-24dd-0d6a-35b7-ab1a6b0b7cfa|1502384687

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Vary: Accept
Set-Cookie: i=9d918f79-24dd-0d6a-35b7-ab1a6b0b7cfa|1502384687; Version=1; Expires=Fri, 10-Aug-2018 17:04:47 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.107.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Thu, 10 Aug 2017 17:04:47 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   1016
Md5:    ff5f7c2b8c96e881e40b3117a8f12246
Sha1:   ea1f728809408c70a546699280eaf619a36dc86c
Sha256: c5468cc87a4e6eea22a15223697ae0908e474b995b04bc9f7c25729fc91cf4c1
                                        
                                            GET /ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js HTTP/1.1 
Host: cdn.spoutable.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         104.20.69.222
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Thu, 10 Aug 2017 17:04:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d7e1e6f76b3380d9fdfbd35c7e81371281502384687; expires=Fri, 10-Aug-18 17:04:47 GMT; path=/; domain=.spoutable.com; HttpOnly
x-amz-id-2: as9z21/63G/lxaQC/NX4+9FJfVwUsT9D8rMxhJh2yL8Y6/r2r7zU0aole2aCJqjsqG+IS1wp6dk=
x-amz-request-id: 1F96070740286B19
Last-Modified: Thu, 10 Aug 2017 16:09:35 GMT
Etag: W/"55e3bd8aae6e3f8dfec6a30c6c00df80"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Thu, 10 Aug 2017 19:04:47 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 38c48947147f426d-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   830
Md5:    b93008db770708b345cf417cd87ab743
Sha1:   e47c0545c14b0c623064a6d0f967e85d596c1492
Sha256: f46788bdde3c0d172ac8b827d987d1b287d502a4f6f210dbd9239741081c2490
                                        
                                            GET /w/1.0/rr?ts=1fHU9MXxyaWQ9YjU0NjM4NmUtMTUyZC00YjljLWE2YmItYmYwYjMyNTdlZmI3fHJ0PTE1MDIzODQ2ODd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0wMWI2MzY1Zi03OTYwLTRmZTUtOTAwYi01MmQzMzM1YmRlNmV8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1idWFJWHJReGh5 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html
Cookie: i=9d918f79-24dd-0d6a-35b7-ab1a6b0b7cfa|1502384687

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: OXGW/11.107.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Thu, 10 Aug 2017 17:04:47 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /w/1.0/ri?ts=1fHU9MXxyaWQ9YjU0NjM4NmUtMTUyZC00YjljLWE2YmItYmYwYjMyNTdlZmI3fHJ0PTE1MDIzODQ2ODd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0wMWI2MzY1Zi03OTYwLTRmZTUtOTAwYi01MmQzMzM1YmRlNmV8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1idWFJWHJReGh5 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html
Cookie: i=9d918f79-24dd-0d6a-35b7-ab1a6b0b7cfa|1502384687

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: OXGW/11.107.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Thu, 10 Aug 2017 17:04:47 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Thu, 10 Aug 2017 17:04:07 GMT
Expires: Thu, 10 Aug 2017 19:04:07 GMT
Last-Modified: Tue, 01 Aug 2017 03:25:32 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 16022
Cache-Control: public, max-age=7200
Age: 40


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16022
Md5:    09889dfa1a6bf800507b7a6799c45901
Sha1:   51b1c3f117a0874b6e5ea58bf9e8863c918db4aa
Sha256: 1c92948832be823e16d40195f5f66135368b5cb3f8a7833c3e25f558f16fecfb
                                        
                                            GET /r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1849040015&utmhn=johnracg.mystarship.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=University%20Of%20Kentucky%202007%20Football%20Roster&utmhid=1180801158&utmr=-&utmp=%2Flancaer%2Funivr5.html&utmht=1502384687339&utmac=UA-4601892-10&utmcc=__utma%3D1.1910205110.1502384687.1502384687.1502384687.1%3B%2B__utmz%3D1.1502384687.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=120457933&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Thu, 10 Aug 2017 17:04:47 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /files/login.png HTTP/1.1 
Host: johnracg.mystarship.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/files/style.css
Cookie: OX_ssn=95671521; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 10 Aug 2017 17:04:47 GMT
Server: .V04 Apache
Last-Modified: Mon, 12 Sep 2011 23:40:24 GMT
Etag: "2098ed8-d8-4e6e9868"
Accept-Ranges: bytes
Content-Length: 216
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 11 x 42, 8-bit/color RGB, non-interlaced
Size:   216
Md5:    082c1b993b60c78dc74244a2212f3924
Sha1:   963fca16865183b984b745c66132a25ccfc4e490
Sha256: 1ff1ac0ecc266d30993693af42392efa934f0ab44cbe75d46a11418c3f912cfc
                                        
                                            GET /files/nav.png HTTP/1.1 
Host: johnracg.mystarship.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/files/style.css
Cookie: OX_ssn=95671521; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.44
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Thu, 10 Aug 2017 17:04:47 GMT
Server: .V04 Apache
Last-Modified: Mon, 12 Sep 2011 23:40:20 GMT
Etag: "2098ed6-106-4e6e9864"
Accept-Ranges: bytes
Content-Length: 262
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 2 x 28, 8-bit colormap, non-interlaced
Size:   262
Md5:    50a343b3a35273c4e6c29ab33694ffd3
Sha1:   0fd16e8070371be41656bcd02c23d3be41aa9fe8
Sha256: 69529eeb09e780a80bb33ccf0851aed862427854bbc8386d70b068663e67ca99
                                        
                                            GET /w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909 HTTP/1.1 
Host: us-u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://johnracg.mystarship.com/lancaer/univr5.html
Cookie: i=9d918f79-24dd-0d6a-35b7-ab1a6b0b7cfa|1502384687

                                         
                                         173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Vary: Accept
Set-Cookie: i=9d918f79-24dd-0d6a-35b7-ab1a6b0b7cfa|1502384687; Version=1; Expires=Fri, 10-Aug-2018 17:04:47 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1502384687|9D; Version=1; Expires=Fri, 25-Aug-2017 17:04:47 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server: OXGW/11.107.1
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Thu, 10 Aug 2017 17:04:47 GMT
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   144
Md5:    0ee3d1ec9516bf623a4f9f4fe1ac0de7
Sha1:   1137f814defa2d841e3e419ae46f88421ea0d1f2
Sha256: 51a1db175deb1e8e69f4e16f07fe08c2760aa1241ab979f08c9c4cb6e79892d0
                                        
                                            GET /pixel?google_nid=openx&google_cm&google_sc HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909

                                         
                                         172.217.18.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
Date: Thu, 10 Aug 2017 17:04:47 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 292
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Thu, 10-Aug-2017 17:19:47 GMT; path=/; domain=.doubleclick.net


--- Additional Info ---
Magic:  HTML document text
Size:   292
Md5:    b6e453661d0ddf68898fe6de8bf77403
Sha1:   b5ada9403c9838f483e1ab74f2b4ac290bc5e26e
Sha256: 0cebcca4b12681a67614eb3055af0918df4f03b11d0ec0394a4c39e13d791829
                                        
GET /pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909
Cookie: test_cookie=CheckForPermission

                                         
172.217.18.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHZ08z8O00_BQh-eoSZu55g&google_cver=1
Date: Thu, 10 Aug 2017 17:04:47 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 294
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
Set-Cookie: IDE=AHWqTUk_4wirADzB7vNGMJAQA65ifwrzEo3uyjYa8mhxJUGpkZrtNaH7gA; expires=Sat, 10-Aug-2019 17:04:47 GMT; path=/; domain=.doubleclick.net; HttpOnly


--- Additional Info ---
Magic:  HTML document text
Size:   294
Md5:    a3ccac74bc22067fd0c26436a8c7996d
Sha1:   70f137d6f6bc41d2ec71ce9ea3a7fc2ee80ab78c
Sha256: bfb8338b7ce8a4a8da5d69fdcdb025bf46cd77aeed679e77b0d3aa4a8947e20b
                                        
GET /w/1.0/sd?id=537072991&val=CAESEHZ08z8O00_BQh-eoSZu55g&google_cver=1 HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909
Cookie: i=9d918f79-24dd-0d6a-35b7-ab1a6b0b7cfa|1502384687; pd=v2|1502384687|9D

                                         
173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
Vary: Accept
Server: OXGW/11.107.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Thu, 10 Aug 2017 17:04:47 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   456
Md5:    60cf42a18f96c0935caffb1302bb8b7e
Sha1:   fdfc563aed4ac885cca7c3383f64ae477faa125e
Sha256: 05a6debb0089aa587bc6fea94bc07c1504c3b33694b80478385b40b3016a8403
                                        
GET /favicon.ico HTTP/1.1
Host: johnracg.mystarship.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: OX_ssn=95671521; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm; __utma=1.1910205110.1502384687.1502384687.1502384687.1; __utmb=1.1.10.1502384687; __utmc=1; __utmz=1.1502384687.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
64.136.20.44
HTTP/1.1 200 Special Default
Content-Type: image/gif
Date: Thu, 10 Aug 2017 17:04:47 GMT
Server: .V04 Apache
Last-Modified: Wed, 27 Jul 2011 09:23:13 GMT
Content-Length: 1406
Keep-Alive: timeout=999999, max=999998
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1406
Md5:    d009cced4ed43383291700a3b7a18f86
Sha1:   eff142aafd81e111c728ccf1f1df36cf1c244dce
Sha256: 748f652b4067e9b431761049ae7e3b77e5cf4d3042b2cd7a3b5da379d95d8dab