Overview

URL cortexoverlayer.xyz/
IP 34.196.13.28
ASN
Location United States
Report completed 2019-03-18 23:28:16 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-03-18 2 cortexoverlayer.xyz/ Phishing
2019-03-18 2 dolohen.com/afu.php?zoneid=2433546 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 34.196.13.28

Date                        UQ / IDS / BL  URL  IP
2019-04-23 11:17:55 +0200   0 - 0 - 0      34.196.13.28  34.196.13.28
2019-04-18 15:29:51 +0200   0 - 0 - 0      compensativeopisthotic.xyz  34.196.13.28
2019-04-17 14:11:30 +0200   0 - 0 - 1      exactadvertising.com/  34.196.13.28
2019-04-13 05:51:46 +0200   0 - 0 - 1      pop.gmial.com/  34.196.13.28
2019-04-09 17:22:25 +0200   0 - 0 - 1      download.bargain-buddy.net/download/bargain_b (...)  34.196.13.28
2019-04-08 19:22:38 +0200   0 - 0 - 1      minuteallcoca.com/  34.196.13.28
2019-04-08 14:17:39 +0200   0 - 0 - 1      minuteallcoca.com/  34.196.13.28
2019-04-04 13:19:16 +0200   0 - 0 - 1      minuteallcoca.com/  34.196.13.28
2019-04-02 16:21:56 +0200   0 - 0 - 1      minuteallcoca.com/  34.196.13.28
2019-04-01 22:24:16 +0200   0 - 0 - 1      minuteallcoca.com/  34.196.13.28

Last 10 reports on ASN:

Date                        UQ / IDS / BL  URL  IP
2019-04-24 16:51:41 +0200   0 - 0 - 1      freefile-s.ru/X%20Launcher%20New%20With%20OS1 (...)  185.159.131.4
2019-04-24 16:51:31 +0200   0 - 0 - 0      https://kwbenin.com/21?48e2c71f9e48a5f9bbb5ff (...)  148.72.219.160
2019-04-24 16:51:23 +0200   0 - 1 - 0      https://trk.leadcontent.xyz/go.php?trace-lynx=rp  54.37.75.87
2019-04-24 16:51:06 +0200   0 - 4 - 0      applian.com.s3.amazonaws.com/RMSSetup.exe?utm (...)  52.217.0.180
2019-04-24 16:50:57 +0200   0 - 0 - 1      auttentiiquejaapp.com/hbb  46.17.175.26
2019-04-24 16:50:29 +0200   0 - 0 - 0      https://teletype.in/@hagafada/Hy3CMg0c4  164.132.114.207
2019-04-24 16:46:29 +0200   0 - 1 - 25     cedhap.com.br/page-46211  177.53.143.14
2019-04-24 16:46:13 +0200   0 - 0 - 0      https://github.com/finnleya22/avengers-endgam (...)  140.82.118.4
2019-04-24 16:45:32 +0200   0 - 0 - 0      www.hd2wallpapers.com  198.54.117.244
2019-04-24 16:44:37 +0200   0 - 1 - 1      johnnobab.com/base222/azor.exe  185.180.198.176

Last 4 reports on domain: cortexoverlayer.xyz

Date                        UQ / IDS / BL  URL  IP
2019-03-14 20:52:44 +0100   0 - 0 - 1      cortexoverlayer.xyz/  34.196.13.28
2018-12-18 13:10:26 +0100   0 - 0 - 1      cortexoverlayer.xyz  34.196.13.28
2018-12-17 10:20:11 +0100   0 - 0 - 1      cortexoverlayer.xyz  34.196.13.28
2018-12-05 01:16:19 +0100   0 - 0 - 1      cortexoverlayer.xyz/  34.196.13.28


JavaScript

Executed Scripts (14)


Executed Evals (2)

#1 JavaScript::Eval (size: 5318, repeated: 1) - SHA256: a6a76a343c867c0e8b0ef6339c7fec48580bc2c1e6c0ce80cd805151f90ad6f4

function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_SAH').value = d.SAH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_CW').value = d.CW
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
    try {
        document.getElementById('ci_NW').value = d.NW
    } catch (e) {}
    try {
        document.getElementById('ci_HIL').value = d.HIL
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.SAH = window.screen.availHeight
} catch (e) {
    QC.SAH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.CW = document.documentElement.clientWidth
} catch (e) {
    QC.CW = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = window.callPhantom !== undefined || window._phantom !== undefined ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof navigator.sendBeacon === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = navigator.geolocation !== undefined ? 1 : 0
} catch (e) {
    QC.NG = -1
}
try {
    QC.NW = 'webdriver' in navigator ? 1 : 0
} catch (e) {
    QC.NW = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

#2 JavaScript::Eval (size: 613, repeated: 1) - SHA256: 7d79d7f17504a461320f713188b82fa5a1fdfd154969db17892e75294035c861

var a;
var b;
var ix;
if (typeof window.innerWidth != 'undefined') {
    a = window.innerWidth;
    b = window.innerHeight
} else if (typeof document.documentElement != 'undefined' && typeof document.documentElement.clientWidth != 'undefined' && document.documentElement.clientWidth != 0) {
    a = document.documentElement.clientWidth;
    b = document.documentElement.clientHeight
} else {
    a = document.getElementsByTagName('body')[0].clientWidth;
    b = document.getElementsByTagName('body')[0].clientHeight
}
try {
    ix = window.self !== window.top ? 1 : 0
} catch (e) {
    ix = 2
}
document.getElementById('a').value = a;
document.getElementById('b').value = b;
document.getElementById('ix').value = ix;
                                    

Executed Writes (6)

#1 JavaScript::Write (size: 166, repeated: 1) - SHA256: 381e5f0dc1595d61743c13d2f7e1b692af33f8a4ae534c77970947da072be152

<META http-equiv="refresh" content="0;url=http://strandgossamer.xyz/?k=331da9a7fed6f78c9b581b201ffccd8a.1552948080.676.2.1.Y29ydGV4b3ZlcmxheWVyLnh5eg%3D%3D&r=&z=-60">
                                    

#2 JavaScript::Write (size: 153, repeated: 1) - SHA256: de7d9785d82068173ec2288e21c264e0967eaffb2ce52c9c050807bdea41c784

<audio class="music" autoplay loop><source src="https://static.informereng.com/templates/games/rpgmasterleague/files/music.mp3" type="audio/mp3"></audio>
                                    

#3 JavaScript::Write (size: 132, repeated: 1) - SHA256: 37ed64cbb591d848528537235f09c6d538e2bc57dc8cdb733c4a8fea7ef1a92d

<source preload="yes" src="https://static.informereng.com/templates/games/rpgmasterleague/files/bg_loop_03.mp4" type="video/webm" />
                                    

#4 JavaScript::Write (size: 131, repeated: 1) - SHA256: c9f2e9bca06720ff55e8933be5491c99cb091c43bab5b6ab015b28869246b0e0

<source preload="yes" src="https://static.informereng.com/templates/games/rpgmasterleague/files/bg_loop_03.ogv" type="video/ogv" />
                                    

#5 JavaScript::Write (size: 133, repeated: 1) - SHA256: 1755f9a55ceeccb25c1dfbecf7b1c5c86c3eeb61bc986346409a4188163518ef

<source preload="yes" src="https://static.informereng.com/templates/games/rpgmasterleague/files/bg_loop_03.webm" type="video/webm" />
                                    

#6 JavaScript::Write (size: 152, repeated: 1) - SHA256: 6150fdf9182d2c986d6837fca02fd99c266b9a182ac0154ab59b7520db61dcf0

<video loop="loop" autoplay="autoplay" muted preload="auto" poster="https://static.informereng.com/templates/games/rpgmasterleague/files/bg_fix_03.jpg">
                                    


HTTP Transactions (24)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: cortexoverlayer.xyz
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         34.196.13.28
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 18 Mar 2019 22:28:00 GMT
Content-Length: 932
Connection: close
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   932
Md5:    b87935cd347a9fe8c0d413b2b3dc3514
Sha1:   eb86bb7d9ea9302a65aa18b77b4175a299e8848b
Sha256: 89fcd767e45f991833b95fe9489721d9268741fab450ef046d49adc04e70e8c2

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /?k=331da9a7fed6f78c9b581b201ffccd8a.1552948080.676.2.1.Y29ydGV4b3ZlcmxheWVyLnh5eg%3D%3D&r=&z=-60 HTTP/1.1 
Host: strandgossamer.xyz
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         34.196.13.28
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 18 Mar 2019 22:28:00 GMT
Transfer-Encoding: chunked
Connection: close
Set-Cookie: tpp_u=0%3B1553034464; expires=Wed, 20-Mar-2019 22:27:44 GMT; path=/ tpp_6532422_l=16%3B1553034464; expires=Wed, 20-Mar-2019 22:27:44 GMT; path=/ tpp_ov=102611%3B1553034464; expires=Wed, 20-Mar-2019 22:27:44 GMT; path=/ tpp_ov=102611%2C102652%3B1553034464; expires=Wed, 20-Mar-2019 22:27:44 GMT; path=/ tpp_ov=102611%2C102652%2C102925%3B1553034464; expires=Wed, 20-Mar-2019 22:27:44 GMT; path=/ tpp_bc=142888%3B1553034464; expires=Wed, 20-Mar-2019 22:27:44 GMT; path=/ tpp_oc=102652%3B1553034464; expires=Wed, 20-Mar-2019 22:27:44 GMT; path=/
Expires: Mon, 31 Dec 2001 23:59:59 GMT
Pragma: no-cache
Location: http://dolohen.com/afu.php?zoneid=2433546


--- Additional Info ---
                                        
                                            GET /afu.php?zoneid=2433546 HTTP/1.1 
Host: dolohen.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         88.85.66.249
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 18 Mar 2019 22:27:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Tue, 19-Mar-2019 22:27:44 GMT; Max-Age=86400; path=/ OAGEO5580f=16%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270%7C%2B100; expires=Tue, 19-Mar-2019 22:27:44 GMT; Max-Age=86400; path=/ oaidts=1552948064; expires=Tue, 17-Mar-2020 22:27:44 GMT; Max-Age=31536000; path=/ OAID=d00afe2964b12081ff36e410594e27c1; expires=Tue, 17-Mar-2020 22:27:44 GMT; Max-Age=31536000; path=/ OAID=d00afe2964b12081ff36e410594e27c1; expires=Tue, 17-Mar-2020 22:27:44 GMT; Max-Age=31536000; path=/ OFR=%7B%2229816%22%3A1%7D; expires=Thu, 12-Mar-2020 22:27:44 GMT; Max-Age=31104000; path=/ exsdsf=1552948064 pbk3=5c67e4fe27445924945dd9cdaf0bbd146669861148547514970; expires=Mon, 18-Mar-2019 22:37:44 GMT; Max-Age=600
X-Frame-Options: DENY
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4594
Md5:    b5b56cb4838abf9d04cf3f308dc9b462
Sha1:   f27922582762baa6d3554a853fab8333f1ab8de9
Sha256: ccbfb6f28921cbc891d1b1fa9fbe050654e2083a5f66362b2ef4f57c753c71b6

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /sc.php?zoneid=2433546&bannerid=2587514&OXLCA=1&clickid=131636329183195136 HTTP/1.1 
Host: trecurlik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dolohen.com/afu.php?zoneid=2433546

                                         
                                         88.85.66.185
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx
Date: Mon, 18 Mar 2019 22:27:44 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dolohen.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=16%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270%7C%2B100; oaidts=1552948064; OAID=d00afe2964b12081ff36e410594e27c1; OFR=%7B%2229816%22%3A1%7D; exsdsf=1552948064; pbk3=5c67e4fe27445924945dd9cdaf0bbd146669861148547514970

                                         
                                         88.85.66.249
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /?r=%2Fmb%2Fhan&pbk3=5c67e4fe27445924945dd9cdaf0bbd146669861148547514970&empty=0&uuid=72bd8f2c-cd62-4408-a93c-34a861f1a122&ad_scheme=1&rotation_type=25&ppucounter=0&first_visit=0&on_test=1&offer_views=1&ab_test=2993&adparams=bm9qcz0w&ip=f3d5bb63c9dbdcfb475795d659c65a4e&zoneid=2433546&x=1176&y=754&sw=1176&sh=885&sah=855&wx=-4&wy=-4&ww=1184&wh=863&cw=1176&wiw=1176&wih=754&wfc=0&pl=http%3A%2F%2Fdolohen.com%2Fafu.php%3Fzoneid%3D2433546&drf=&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&nw=0&hil=undefined&id=02cdb6bb5e98ad7d1dc5543966b52b56&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=1&sf_type=1&timeout=0 HTTP/1.1 
Host: dolohen.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dolohen.com/afu.php?zoneid=2433546
Cookie: SeenToday=1; OAGEO5580f=16%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270%7C%2B100; oaidts=1552948064; OAID=d00afe2964b12081ff36e410594e27c1; OFR=%7B%2229816%22%3A1%7D; exsdsf=1552948064; pbk3=5c67e4fe27445924945dd9cdaf0bbd146669861148547514970

                                         
                                         88.85.66.249
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=jgx7HiXIyT6aP8OCH7XbB-PYC-KN4oQIFlXMkLNPW-I; expires=Mon, 25-Mar-2019 22:27:45 GMT; Max-Age=604800 OAGEO5580f=16%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270%7C%2B100; expires=Tue, 19-Mar-2019 22:27:45 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Tue, 19-Mar-2019 22:27:45 GMT; Max-Age=86400; path=/ ppucntstart=1552948065; expires=Tue, 19-Mar-2019 22:27:45 GMT; Max-Age=86400; path=/ allcnt=1; expires=Tue, 17-Mar-2020 22:27:45 GMT; Max-Age=31536000; path=/ OAID=d00afe2964b12081ff36e410594e27c1; expires=Tue, 17-Mar-2020 22:27:45 GMT; Max-Age=31536000; path=/ OFR=%7B%2229816%22%3A2%7D; expires=Thu, 12-Mar-2020 22:27:45 GMT; Max-Age=31104000; path=/ _OACCAP[1866528]=1; expires=Tue, 17-Mar-2020 22:27:45 GMT; Max-Age=31536000; path=/ _OACBLOCK[1866528]=1552948065; expires=Wed, 17-Apr-2019 22:27:45 GMT; Max-Age=2592000; path=/ _OXCCLK[1866528]=1; expires=Tue, 17-Mar-2020 22:27:45 GMT; Max-Age=31536000; path=/ _OXPCLK[144222]=1; expires=Tue, 17-Mar-2020 22:27:45 GMT; Max-Age=31536000; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://informereng.com/?b=2587514&ba=1&campid=1866528&did=&dm=0&ep=1&g=NO&i18db=1&l=RbQPnFHRRPWgimZ&oaid=d00afe2964b12081ff36e410594e27c1&pshr=0&s=131636332693827584&ssk=6b6fb2b4d75efccf62064e95bee49a9e&svar=1552948065.4071&vi=1&vo=1&z=2433546&tr=default&fp=0
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "F7AC50B34FDAC97D47B7C69E6162FC6D1442EA15084A8B815E8FFB5F730FA534"
Last-Modified: Sun, 17 Mar 2019 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4629
Expires: Mon, 18 Mar 2019 23:44:54 GMT
Date: Mon, 18 Mar 2019 22:27:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    d50cde0b360f706ae50387206f15c9b3
Sha1:   44fc6b60cdba47f05c061c2739fa1ff5ffee488b
Sha256: f7ac50b34fdac97d47b7c69e6162fc6d1442ea15084a8b815e8ffb5f730fa534
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Sat, 16 Mar 2019 20:47:11 GMT
Etag: "5a21eb76509b6e76365b446f1a2aad752d1bac8e"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=7533
Expires: Tue, 19 Mar 2019 00:33:18 GMT
Date: Mon, 18 Mar 2019 22:27:45 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    e3ccff6e29f0e316e084d2f107a35b63
Sha1:   5a21eb76509b6e76365b446f1a2aad752d1bac8e
Sha256: 4018a4072157563fcfbf07b0716b13615f09b70c7733c336d2b9c0dc485ed085
                                        
                                            GET /?b=2587514&ba=1&campid=1866528&did=&dm=0&ep=1&g=NO&i18db=1&l=RbQPnFHRRPWgimZ&oaid=d00afe2964b12081ff36e410594e27c1&pshr=0&s=131636332693827584&ssk=6b6fb2b4d75efccf62064e95bee49a9e&svar=1552948065.4071&vi=1&vo=1&z=2433546&tr=default&fp=0 HTTP/1.1 
Host: informereng.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dolohen.com/afu.php?zoneid=2433546

                                         
                                         188.72.201.148
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.9
Set-Cookie: reverse=87THqeUQZjoA_d8aYlp9wBBQxkW4DX77ze4HVrBQnPU; expires=Mon, 18-Mar-2019 23:27:45 GMT; Max-Age=3600; path=/
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5903
Md5:    f36d4754193e2ff5c0f2f775ddde6153
Sha1:   406b065934a799b4bcbbcaa941925304794dcb0d
Sha256: 89bb3dad84c150d562beeec013b3cb99af37dd9eb949ee412c9d16aaf777fcc8
                                        
                                            GET /templates/games/rpgmasterleague/files/style.css?v=2 HTTP/1.1 
Host: static.informereng.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://informereng.com/?b=2587514&ba=1&campid=1866528&did=&dm=0&ep=1&g=NO&i18db=1&l=RbQPnFHRRPWgimZ&oaid=d00afe2964b12081ff36e410594e27c1&pshr=0&s=131636332693827584&ssk=6b6fb2b4d75efccf62064e95bee49a9e&svar=1552948065.4071&vi=1&vo=1&z=2433546&tr=default&fp=0

                                         
                                         188.72.201.148
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Last-Modified: Mon, 18 Mar 2019 12:54:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5c8f9522-209a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1739
Md5:    ac80763032846dbcb3e5341eaff5db70
Sha1:   31b9356aa4f287015469bb0866db8a86edbaef06
Sha256: 9a0e8fa8df62c60aefa1bd2763698736c7b55f020a5f8d7eb124afb943d479ff
                                        
                                            GET /templates/games/rpgmasterleague/files/main.js HTTP/1.1 
Host: static.informereng.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://informereng.com/?b=2587514&ba=1&campid=1866528&did=&dm=0&ep=1&g=NO&i18db=1&l=RbQPnFHRRPWgimZ&oaid=d00afe2964b12081ff36e410594e27c1&pshr=0&s=131636332693827584&ssk=6b6fb2b4d75efccf62064e95bee49a9e&svar=1552948065.4071&vi=1&vo=1&z=2433546&tr=default&fp=0

                                         
                                         188.72.201.148
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Last-Modified: Mon, 18 Mar 2019 12:54:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5c8f9522-c58"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   810
Md5:    8f920a568e85376b7ace9f001a977153
Sha1:   5d2b868654bdb3f91e000bc92081aeb7230ddec6
Sha256: 4474c3492d9ca3050a076cc463142600449971178c932c12e2065f9b50102a63
                                        
GET /templates/games/rpgmasterleague/files/bg_fix_cover.png HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://informereng.com/?b=2587514&ba=1&campid=1866528&did=&dm=0&ep=1&g=NO&i18db=1&l=RbQPnFHRRPWgimZ&oaid=d00afe2964b12081ff36e410594e27c1&pshr=0&s=131636332693827584&ssk=6b6fb2b4d75efccf62064e95bee49a9e&svar=1552948065.4071&vi=1&vo=1&z=2433546&tr=default&fp=0

                                         
188.72.201.148
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Content-Length: 14238
Last-Modified: Mon, 18 Mar 2019 12:54:58 GMT
Connection: keep-alive
Etag: "5c8f9522-379e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 854 x 480, 8-bit colormap, non-interlaced
Size:   14238
Md5:    7d420bf35b6d3a2c257ef692d9f7bd0f
Sha1:   6d2c396dc5c6fdf1e788f400d9fb3562fda38d62
Sha256: e522d59af74c40850a97e2538a60ea4437f8f3a9bdadc567a548efe5f227ca31
                                        
GET /templates/games/rpgmasterleague/files/jquery.js HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://informereng.com/?b=2587514&ba=1&campid=1866528&did=&dm=0&ep=1&g=NO&i18db=1&l=RbQPnFHRRPWgimZ&oaid=d00afe2964b12081ff36e410594e27c1&pshr=0&s=131636332693827584&ssk=6b6fb2b4d75efccf62064e95bee49a9e&svar=1552948065.4071&vi=1&vo=1&z=2433546&tr=default&fp=0

                                         
188.72.201.148
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Last-Modified: Mon, 18 Mar 2019 12:54:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5c8f9522-176bb"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   33543
Md5:    53e74b7f14b32882a0476fea22d83361
Sha1:   c90bf9bb6d4ba1ae2b8f12f8dd08f3f1f8e4c228
Sha256: d14b08a1c9903e5f6fc7a7b4561d6f9949d4dba91372173d809d15cb803d2b7b
                                        
GET /templates/games/rpgmasterleague/img/btn_yes.png HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://static.informereng.com/templates/games/rpgmasterleague/files/style.css?v=2

                                         
188.72.201.148
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Content-Length: 12066
Last-Modified: Mon, 18 Mar 2019 12:54:58 GMT
Connection: keep-alive
Etag: "5c8f9522-2f22"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 143 x 129, 8-bit colormap, non-interlaced
Size:   12066
Md5:    0b13f0ade06e0bb4807a7fad9cb4eb14
Sha1:   7ba542ba368586c03d04594deb61f7b23e53c09b
Sha256: 5eea7224ac4344d0d45b8bc8330de8bfe7672850c4ad9c28f3a49e0f524bef90
                                        
GET /templates/games/rpgmasterleague/img/btn_no.png HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://static.informereng.com/templates/games/rpgmasterleague/files/style.css?v=2

                                         
188.72.201.148
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Content-Length: 14697
Last-Modified: Mon, 18 Mar 2019 12:54:58 GMT
Connection: keep-alive
Etag: "5c8f9522-3969"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 143 x 129, 8-bit colormap, non-interlaced
Size:   14697
Md5:    3349000d13755f9a7bc1c989f7142239
Sha1:   2faa8071f7e575b706abae48f1ffd17816903f56
Sha256: 0957d4c97a5de787a0ec234f77d5c9a01190afc872bb161cac133750e572859b
                                        
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Sun, 17 Mar 2019 16:16:14 GMT
Etag: B46A55BB04B650D3BD8FCC58C8E68AEB636D0976
X-OCSP-Responder-ID: mcdpcaocsp2
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=495485
Expires: Sun, 24 Mar 2019 16:05:51 GMT
Date: Mon, 18 Mar 2019 22:27:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    8986477638beb0c09717df1d70d6a55f
Sha1:   b46a55bb04b650d3bd8fcc58c8e68aeb636d0976
Sha256: ce5ca3b60111dd4a458a4534e94194b61586686258a01d526606c284a6b69ec8
                                        
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.16
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Thu, 14 Mar 2019 11:19:13 GMT
Etag: 3A2B0415779EF21691DFF37A8BA0A93FD99DFA07
X-OCSP-Responder-ID: mcdpcaocsp15
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=218490
Expires: Thu, 21 Mar 2019 11:09:16 GMT
Date: Mon, 18 Mar 2019 22:27:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    014e1f894efb071917e6cb0bbd951e29
Sha1:   3a2b0415779ef21691dff37a8ba0a93fd99dfa07
Sha256: d453be37130dcc7cc7e26d118822bcca760d70bde070acf764b7c9fd496c4bde
                                        
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.18
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: Apache
Last-Modified: Thu, 14 Mar 2019 11:19:13 GMT
Etag: 91A3B51CC942A721F34D2FD926581702472F62FB
X-OCSP-Responder-ID: mcdpcaocsp10
Content-Length: 471
Cache-Control: public, no-transform, must-revalidate, max-age=218521
Expires: Thu, 21 Mar 2019 11:09:47 GMT
Date: Mon, 18 Mar 2019 22:27:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   471
Md5:    c88a4046b83d858fb75deafc58d654df
Sha1:   91a3b51cc942a721f34d2fd926581702472f62fb
Sha256: 4d580e57a1de2f80a778a302d925503bcf59c04b03bee4c2c00a49c9c10af34a
                                        
GET /templates/games/rpgmasterleague/img/window.png HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://static.informereng.com/templates/games/rpgmasterleague/files/style.css?v=2

                                         
188.72.201.148
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Content-Length: 58721
Last-Modified: Mon, 18 Mar 2019 12:54:58 GMT
Connection: keep-alive
Etag: "5c8f9522-e561"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 538 x 382, 8-bit colormap, non-interlaced
Size:   58721
Md5:    4c9f9efe9ac0a33992664bd79d0aaa5a
Sha1:   6e06c4cd7568409e70606e9a95a9db00abb923f0
Sha256: a4f2422ff64fa1278a61932d92c1a95b10940f38031c56d2a1434dec581cc0ee
                                        
GET /ntfc.php?p=2090712 HTTP/1.1
Host: pushazam.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://informereng.com/?b=2587514&ba=1&campid=1866528&did=&dm=0&ep=1&g=NO&i18db=1&l=RbQPnFHRRPWgimZ&oaid=d00afe2964b12081ff36e410594e27c1&pshr=0&s=131636332693827584&ssk=6b6fb2b4d75efccf62064e95bee49a9e&svar=1552948065.4071&vi=1&vo=1&z=2433546&tr=default&fp=0

                                         
188.72.215.114
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Server: nginx
Date: Mon, 18 Mar 2019 22:27:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: SeenToday=1; expires=Tue, 19-Mar-2019 22:27:46 GMT; Max-Age=86400; path=/
Set-Cookie: OAGEO5580f=16%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270%7C%2B100; expires=Tue, 19-Mar-2019 22:27:46 GMT; Max-Age=86400; path=/
Set-Cookie: oaidts=1552948066; expires=Tue, 17-Mar-2020 22:27:46 GMT; Max-Age=31536000; path=/
Set-Cookie: OAID=33ab4ef3c22a54021e907fa667223501; expires=Tue, 17-Mar-2020 22:27:46 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4500
Md5:    fb8669c104c65900603fca1fc7af7656
Sha1:   a871a7e69e950a4b328ea6d0b11222e0c8e2a0b1
Sha256: 1706d0ae69966648febf56095615601438ef6f9bd67f3aa7e2cbf9056ae885ac
                                        
GET /favicon.ico HTTP/1.1
Host: dolohen.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=16%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270%7C%2B100; oaidts=1552948064; OAID=d00afe2964b12081ff36e410594e27c1; OFR=%7B%2229816%22%3A2%7D; exsdsf=1552948064; pbk3=5c67e4fe27445924945dd9cdaf0bbd146669861148547514970; f3d5bb63c9dbdcfb475795d659c65a4e=jgx7HiXIyT6aP8OCH7XbB-PYC-KN4oQIFlXMkLNPW-I; ppucnt=1; ppucntstart=1552948065; allcnt=1; _OACCAP[1866528]=1; _OACBLOCK[1866528]=1552948065; _OXCCLK[1866528]=1; _OXPCLK[144222]=1

                                         
88.85.66.249
HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 18 Mar 2019 22:27:47 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
GET /templates/games/rpgmasterleague/files/bg_fix_03.jpg HTTP/1.1
Host: static.informereng.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://informereng.com/?b=2587514&ba=1&campid=1866528&did=&dm=0&ep=1&g=NO&i18db=1&l=RbQPnFHRRPWgimZ&oaid=d00afe2964b12081ff36e410594e27c1&pshr=0&s=131636332693827584&ssk=6b6fb2b4d75efccf62064e95bee49a9e&svar=1552948065.4071&vi=1&vo=1&z=2433546&tr=default&fp=0

                                         
188.72.201.148
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx
Date: Mon, 18 Mar 2019 22:27:45 GMT
Content-Length: 273784
Last-Modified: Mon, 18 Mar 2019 12:54:58 GMT
Connection: keep-alive
Etag: "5c8f9522-42d78"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   273784
Md5:    ae5a9eac2e4d78a8296112ab6f0bd5e8
Sha1:   f1e05f7ee55bdeb594223fad8f9a17d5e1d8f835
Sha256: 1978a1f171fad54d913565108f9ae5c29b06ae0ab785379c1b951c03369783c9
                                        
GET /favicon.ico HTTP/1.1
Host: informereng.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: reverse=87THqeUQZjoA_d8aYlp9wBBQxkW4DX77ze4HVrBQnPU

                                         
188.72.201.148
HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 18 Mar 2019 22:27:48 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=60
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
GET /favicon.ico HTTP/1.1
Host: informereng.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: reverse=87THqeUQZjoA_d8aYlp9wBBQxkW4DX77ze4HVrBQnPU

                                         
188.72.201.148
HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 18 Mar 2019 22:27:51 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=60
X-Content-Type-Options: nosniff


--- Additional Info ---