Overview

URL bestadbid.com/afu.php?zoneid=1543567
IP188.42.162.193
ASN
Location Luxembourg
Report completed2018-08-24 16:13:05 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-08-24 2 bestadbid.com/afu.php?zoneid=1543567 Malware
2018-08-24 2 static.audienceline.com/templates/audio/system-player/css/style.css?v=1.0 Malware
2018-08-24 2 static.audienceline.com/templates/_assets/sounds/thunderbird/default.ogg Malware
2018-08-24 2 static.audienceline.com/templates/audio/system-player/audio/song.mp3 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 188.42.162.193

Date UQ / IDS / BL URL IP
2019-01-06 19:35:48 +0100
0 - 0 - 0 bestadbid.com 188.42.162.193
2018-10-12 16:37:19 +0200
0 - 0 - 0 https://bestadbid.com 188.42.162.193
2018-09-26 02:37:00 +0200
0 - 0 - 1 bestadbid.com 188.42.162.193
2018-09-21 00:01:52 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193
2018-08-25 04:16:47 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193
2018-08-23 23:39:08 +0200
0 - 0 - 3 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193
2018-08-23 13:34:37 +0200
0 - 0 - 4 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193
2018-08-22 14:07:24 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193
2018-08-21 21:39:08 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193
2018-08-21 19:58:13 +0200
0 - 0 - 1 bestadbid.com/afu.php?zoneid=1543567 188.42.162.193

Last 10 reports on ASN:

Date UQ / IDS / BL URL IP
2019-03-24 08:48:31 +0100
0 - 0 - 9 https://diiicard.de/admin/css/B2018/Onlineacc (...) 185.30.32.159
2019-03-24 08:48:15 +0100
0 - 1 - 0 xn----7sbabahd7dcewih1a7a4l3b.com.ua/ 137.74.193.31
2019-03-24 08:46:53 +0100
0 - 3 - 0 kbw8128.pw/ 151.106.51.67
2019-03-24 08:46:17 +0100
0 - 1 - 0 planetvit.gq/ 172.96.184.141
2019-03-24 08:43:43 +0100
0 - 0 - 1 pppk.net/ 47.52.135.116
2019-03-24 08:39:37 +0100
0 - 1 - 0 jailmine.org/ 156.234.73.94
2019-03-24 08:38:00 +0100
0 - 0 - 3 runescape.com-z.me/ztt 68.66.224.30
2019-03-24 08:36:52 +0100
0 - 4 - 1 28260.xc.41gw.com/xiaz/%E5%BA%94%E7%94%A8%E5% (...) 114.55.188.114
2019-03-24 08:36:10 +0100
0 - 4 - 1 28173.xc.41gw.com/xiaz/%E9%85%B7%E7%8B%97%E9% (...) 139.224.39.0
2019-03-24 08:33:58 +0100
0 - 0 - 1 lescieuxbtq.com/ 185.230.60.173

Last 10 reports on domain: bestadbid.com

Date UQ / IDS / BL URL IP
2019-02-25 18:55:02 +0100
0 - 0 - 1 https://bestadbid.com/?r=%2Fmb%2Fhan&pbk3=4b9 (...) 194.187.98.176
2019-02-13 15:40:15 +0100
0 - 0 - 0 https://bestadbid.com 88.85.82.180
2019-01-06 19:35:48 +0100
0 - 0 - 0 bestadbid.com 188.42.162.193
2018-10-12 16:37:19 +0200
0 - 0 - 0 https://bestadbid.com 188.42.162.193
2018-10-09 12:07:19 +0200
0 - 0 - 0 bestadbid.com 194.187.98.176
2018-10-01 18:33:35 +0200
0 - 0 - 0 bestadbid.com/afu.php?zoneid=1748446&var=1084 (...) 88.85.82.180
2018-09-26 22:40:38 +0200
0 - 0 - 0 https://bestadbid.com/afu.php?zoneid=1850667& (...) 194.187.98.176
2018-09-26 03:03:02 +0200
0 - 0 - 1 https://bestadbid.com/ 88.85.82.180
2018-09-26 02:37:00 +0200
0 - 0 - 1 bestadbid.com 188.42.162.193
2018-09-24 20:38:06 +0200
0 - 0 - 1 bestadbid.com 194.187.98.176


JavaScript

Executed Scripts (6)


Executed Evals (2)

#1 JavaScript::Eval (size: 5318, repeated: 1) - SHA256: a6a76a343c867c0e8b0ef6339c7fec48580bc2c1e6c0ce80cd805151f90ad6f4

                                        function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_SAH').value = d.SAH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_CW').value = d.CW
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
    try {
        document.getElementById('ci_NW').value = d.NW
    } catch (e) {}
    try {
        document.getElementById('ci_HIL').value = d.HIL
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.SAH = window.screen.availHeight
} catch (e) {
    QC.SAH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.CW = document.documentElement.clientWidth
} catch (e) {
    QC.CW = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = window.callPhantom !== undefined || window._phantom !== undefined ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof navigator.sendBeacon === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = navigator.geolocation !== undefined ? 1 : 0
} catch (e) {
    QC.NG = -1
}
try {
    QC.NW = 'webdriver' in navigator ? 1 : 0
} catch (e) {
    QC.NW = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

#2 JavaScript::Eval (size: 613, repeated: 1) - SHA256: 7d79d7f17504a461320f713188b82fa5a1fdfd154969db17892e75294035c861

                                        var a;
var b;
var ix;
if (typeof window.innerWidth != 'undefined') {
    a = window.innerWidth;
    b = window.innerHeight
} else if (typeof document.documentElement != 'undefined' && typeof document.documentElement.clientWidth != 'undefined' && document.documentElement.clientWidth != 0) {
    a = document.documentElement.clientWidth;
    b = document.documentElement.clientHeight
} else {
    a = document.getElementsByTagName('body')[0].clientWidth;
    b = document.getElementsByTagName('body')[0].clientHeight
}
try {
    ix = window.self !== window.top ? 1 : 0
} catch (e) {
    ix = 2
}
document.getElementById('a').value = a;
document.getElementById('b').value = b;
document.getElementById('ix').value = ix;
                                    

Executed Writes (0)



HTTP Transactions (19)


Request Response
                                        
                                            GET /afu.php?zoneid=1543567 HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         188.42.162.193
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Sat, 25-Aug-2018 14:12:32 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; expires=Sat, 25-Aug-2018 14:12:32 GMT; Max-Age=86400; path=/ oaidts=1535119952; expires=Sat, 24-Aug-2019 14:12:32 GMT; Max-Age=31536000; path=/ OAID=3898dc5189bfe83ebbcd834b0feee84d; expires=Sat, 24-Aug-2019 14:12:32 GMT; Max-Age=31536000; path=/ OAID=3898dc5189bfe83ebbcd834b0feee84d; expires=Sat, 24-Aug-2019 14:12:32 GMT; Max-Age=31536000; path=/ exsdsf=1535119952 pbk3=b03798969cc1966dedb61a3187e7d0806593289990671412092; expires=Fri, 24-Aug-2018 14:22:32 GMT; Max-Age=600 ltm_afu=1; expires=Sat, 25-Aug-2018 14:12:32 GMT; Max-Age=86400; path=/
X-FRAME-OPTIONS: DENY
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4547
Md5:    3a801d271848786d66cf0a1c8e11ff1a
Sha1:   34a72cb390af21a6e57781fbbec2afd8af7e28db
Sha256: 11c736b0ff4244b80e79739ccd426501360c9b2e1843e6f9b5b3da99e51e74bb

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; oaidts=1535119952; OAID=3898dc5189bfe83ebbcd834b0feee84d; exsdsf=1535119952; pbk3=b03798969cc1966dedb61a3187e7d0806593289990671412092; ltm_afu=1

                                         
                                         188.42.162.193
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:33 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /?r=%2Fmb%2Fhan&zoneid=1543567&pbk3=b03798969cc1966dedb61a3187e7d0806593289990671412092&empty=0&uuid=a8682b25-965b-430d-bea2-e7780d429a63&ad_scheme=1&rotation_type=13&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=1474&adparams=bm9qcz0w&ip=f3d5bb63c9dbdcfb475795d659c65a4e&x=1176&y=754&sw=1176&sh=885&sah=855&wx=-4&wy=-4&ww=1184&wh=863&cw=1176&wiw=1176&wih=754&wfc=0&pl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1543567&drf=&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&nw=0&hil=undefined&id=c413305f70e2d74094cfcea7b1184d6d&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=1&timeout=0 HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bestadbid.com/afu.php?zoneid=1543567
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; oaidts=1535119952; OAID=3898dc5189bfe83ebbcd834b0feee84d; exsdsf=1535119952; pbk3=b03798969cc1966dedb61a3187e7d0806593289990671412092; ltm_afu=1

                                         
                                         188.42.162.193
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=q2I1bNeRVVtBPELTjbdEl8A5vlid7HA9jkViX15WkCw; expires=Fri, 31-Aug-2018 14:12:34 GMT; Max-Age=604800 OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; expires=Sat, 25-Aug-2018 14:12:33 GMT; Max-Age=86399; path=/ ppucnt=1; expires=Sat, 25-Aug-2018 14:12:33 GMT; Max-Age=86399; path=/ ppucntstart=1535119953; expires=Sat, 25-Aug-2018 14:12:33 GMT; Max-Age=86399; path=/ allcnt=1; expires=Sat, 24-Aug-2019 14:12:33 GMT; Max-Age=31535999; path=/ OAID=3898dc5189bfe83ebbcd834b0feee84d; expires=Sat, 24-Aug-2019 14:12:33 GMT; Max-Age=31535999; path=/ _OACCAP[1221832]=1; expires=Sat, 24-Aug-2019 14:12:33 GMT; Max-Age=31535999; path=/ _OACBLOCK[1221832]=1535119953; expires=Sun, 23-Sep-2018 14:12:33 GMT; Max-Age=2591999; path=/ _OXCCLK[1221832]=1; expires=Sat, 24-Aug-2019 14:12:33 GMT; Max-Age=31535999; path=/ _OXPCLK[129396]=1; expires=Sat, 24-Aug-2019 14:12:33 GMT; Max-Age=31535999; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://psebsifil.com/?s=56859813321117698&z=1543567&g=NO&svar=1535119953.9034&ssk=fbb85bdbce1456b3a1a056e9ae40159c&oaid=3898dc5189bfe83ebbcd834b0feee84d&h=a528eb5f6660c2459e16010a2b139581b1b82a7b&b=1920254&did=&campid=1221832
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.107
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "C351A65577425137DBBB5BB8FA1129376A346920BCAD97F8A79D4CFE89C1FCD8"
Last-Modified: Thu, 23 Aug 2018 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13710
Expires: Fri, 24 Aug 2018 18:01:04 GMT
Date: Fri, 24 Aug 2018 14:12:34 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    636424f381ece9268b0bf9e9c24a0cef
Sha1:   566e57f2767aa0b7f7e14f077d723fc73b64928e
Sha256: c351a65577425137dbbb5bb8fa1129376a346920bcad97f8a79d4cfe89c1fcd8
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.113
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Wed, 22 Aug 2018 21:49:57 GMT
Etag: "755d66f75948eb7c3d7c44eae9b148e5327026d6"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=14615
Expires: Fri, 24 Aug 2018 18:16:09 GMT
Date: Fri, 24 Aug 2018 14:12:34 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    6e5e9dc0e9dbb8f27e5d2bef004b44cd
Sha1:   755d66f75948eb7c3d7c44eae9b148e5327026d6
Sha256: 453cedf9c07be4418005128cf91cb405f01b763e1466310a2f2d20d2f685fca0
                                        
                                            GET /?s=56859813321117698&z=1543567&g=NO&svar=1535119953.9034&ssk=fbb85bdbce1456b3a1a056e9ae40159c&oaid=3898dc5189bfe83ebbcd834b0feee84d&h=a528eb5f6660c2459e16010a2b139581b1b82a7b&b=1920254&did=&campid=1221832 HTTP/1.1 
Host: psebsifil.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bestadbid.com/afu.php?zoneid=1543567

                                         
                                         188.42.224.21
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.9
Location: https://audienceline.com/?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=3898dc5189bfe83ebbcd834b0feee84d&pshr=0&rd=0&s=56859813321117698&ssk=fbb85bdbce1456b3a1a056e9ae40159c&svar=1535119953.9034&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.107
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "F0E35DE94C30591242F7179B7F27F7365104104D5B4EC26FF12702AF1394C26D"
Last-Modified: Wed, 22 Aug 2018 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7055
Expires: Fri, 24 Aug 2018 16:10:09 GMT
Date: Fri, 24 Aug 2018 14:12:34 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    554f169a2dac31765b868933e8230ef7
Sha1:   646cc185087a4a1f750ff63df7aa54ebe9f0c3c8
Sha256: f0e35de94c30591242f7179b7f27f7365104104d5b4ec26ff12702af1394c26d
                                        
                                            GET /?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=3898dc5189bfe83ebbcd834b0feee84d&pshr=0&rd=0&s=56859813321117698&ssk=fbb85bdbce1456b3a1a056e9ae40159c&svar=1535119953.9034&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw HTTP/1.1 
Host: audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bestadbid.com/afu.php?zoneid=1543567

                                         
                                         188.42.224.230
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.9
Set-Cookie: reverse=2ZfqC9uM9Gzk1KSKbVS0Uuqj7rkK2mvWnnzgEPalk_E; expires=Fri, 24-Aug-2018 15:12:34 GMT; Max-Age=3600; path=/
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21517
Md5:    5300e331f1354c7a64238701823502ce
Sha1:   7f81d095050bc9ec59483139036403b184ba5a26
Sha256: 6e20b38c7618a99e7c75a6abc42a1e084cd838d375c148b38f26947c54313a16
                                        
                                            GET /templates/audio/system-player/css/style.css?v=1.0 HTTP/1.1 
Host: static.audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://audienceline.com/?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=3898dc5189bfe83ebbcd834b0feee84d&pshr=0&rd=0&s=56859813321117698&ssk=fbb85bdbce1456b3a1a056e9ae40159c&svar=1535119953.9034&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw

                                         
                                         188.42.224.230
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:34 GMT
Last-Modified: Fri, 24 Aug 2018 12:35:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5b7ffb95-a3b"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   684
Md5:    705bd18bf8489626985ad69f5a743017
Sha1:   163fd3d3a63dd6db1b70db182a20569108ed4f25
Sha256: 5c89b523bd0a040fd5b428761800c03ece9413e80742d618e381d1627e59b115

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /templates/audio/system-player/images/file.png HTTP/1.1 
Host: static.audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://audienceline.com/?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=3898dc5189bfe83ebbcd834b0feee84d&pshr=0&rd=0&s=56859813321117698&ssk=fbb85bdbce1456b3a1a056e9ae40159c&svar=1535119953.9034&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw

                                         
                                         188.42.224.230
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:34 GMT
Content-Length: 9018
Last-Modified: Fri, 24 Aug 2018 12:35:33 GMT
Connection: keep-alive
Etag: "5b7ffb95-233a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 85 x 99, 8-bit/color RGBA, non-interlaced
Size:   9018
Md5:    43e6049191363516c71c65f850413916
Sha1:   7b62d36a0e856928f892f46283baf0bce6a7627e
Sha256: 72523a05222d0987ede8bcb543cbb89acff86346851fa1e34a35eb0758478739
                                        
                                            GET /templates/audio/system-player/images/warning.png HTTP/1.1 
Host: static.audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://audienceline.com/?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=3898dc5189bfe83ebbcd834b0feee84d&pshr=0&rd=0&s=56859813321117698&ssk=fbb85bdbce1456b3a1a056e9ae40159c&svar=1535119953.9034&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw

                                         
                                         188.42.224.230
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:34 GMT
Content-Length: 1681
Last-Modified: Fri, 24 Aug 2018 12:35:33 GMT
Connection: keep-alive
Etag: "5b7ffb95-691"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 45 x 39, 8-bit/color RGBA, non-interlaced
Size:   1681
Md5:    3e9c27118129d764c7c10a78461ae924
Sha1:   a3dcff1be16760085903185d8895872447a9e2fb
Sha256: 0fdbcea28cd60961dd1336cef7479c0aea0a7a6b661f769057edcf62dfb5c16a
                                        
                                            GET /templates/_assets/sounds/thunderbird/default.ogg HTTP/1.1 
Host: static.audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=0-

                                         
                                         188.42.224.230
HTTP/1.1 206 Partial Content
Content-Type: audio/ogg
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:34 GMT
Content-Length: 17412
Last-Modified: Fri, 24 Aug 2018 12:35:33 GMT
Connection: keep-alive
Etag: "5b7ffb95-4404"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Range: bytes 0-17411/17412


--- Additional Info ---
Magic:  Ogg data, Vorbis audio, stereo, 44100 Hz, ~160000 bps, created by: Xiph.Org libVorbis I
Size:   17412
Md5:    a36387b367b000edf65134814ec79da3
Sha1:   1ac203225405ca93ca722633ba8a948c9e6280c9
Sha256: 26a893d1f82f4d593f6a9f68929a6d39eeb66cf178efc476ba7b2a20f2622df8

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: status.rapidssl.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=166848
Date: Fri, 24 Aug 2018 14:12:34 GMT
Etag: "5b7fb40f-1d7"
Expires: Sun, 26 Aug 2018 12:30:05 GMT
Last-Modified: Fri, 24 Aug 2018 07:30:23 GMT
Server: ECS (arn/4691)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    0c2317aed1f2d237f58768f34850f851
Sha1:   920c45806e615cbb173830221072c59b94623672
Sha256: e8cd3adc91ab80b6addce84904cf486d5b332a994ca130de944bc62439e1bb95
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=161161
Date: Fri, 24 Aug 2018 14:12:34 GMT
Etag: "5b7fd535-1d7"
Expires: Sun, 26 Aug 2018 10:52:01 GMT
Last-Modified: Fri, 24 Aug 2018 09:51:49 GMT
Server: ECS (arn/4598)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    391a1586e6342d396d139fd82627d246
Sha1:   e3df8f83a9ee4386cbab10e8a2fa8986dabee650
Sha256: 4a2447048ae09b72807edcc3cee913282edf9ac4811fe5c4d78961a927899848
                                        
                                            GET /index/1686870/?tc=s&ucis=false&var=1543567 HTTP/1.1 
Host: o.pushsight.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://audienceline.com/?b=1920254&ba=0&campid=1221832&did=&dm=0&ep=0&fp=0&g=NO&hr=0&i18db=1&l=35cvT0Wd6El6Gap&oaid=3898dc5189bfe83ebbcd834b0feee84d&pshr=0&rd=0&s=56859813321117698&ssk=fbb85bdbce1456b3a1a056e9ae40159c&svar=1535119953.9034&vi=1&vo=1&z=1543567&tr=default&meta-id=MTk3NTk5&meta-tds-id=MTA4NDU&meta-tracking-id=MTMzNDMxMw

                                         
                                         23.111.231.73
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Set-Cookie: SeenToday=1; expires=Sat, 25-Aug-2018 14:12:34 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C1%7C11329%7C43703%7C%3F%7C578205; expires=Sat, 25-Aug-2018 14:12:34 GMT; Max-Age=86400; path=/ oaidts=1535119954; expires=Sat, 24-Aug-2019 14:12:34 GMT; Max-Age=31536000; path=/ OAID=4ae96499687be9343aaab481800f3868; expires=Sat, 24-Aug-2019 14:12:34 GMT; Max-Age=31536000; path=/
Content-Encoding: gzip
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   27229
Md5:    7d98ca4df9cf81096a13b80ee4c23215
Sha1:   50227f53f465df7e1085b49817124018a871cc08
Sha256: 7fb4cc37a29347c3e1debb153b5a258fd147a8423902b534b8d57bfa34ce5159
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: reverse=2ZfqC9uM9Gzk1KSKbVS0Uuqj7rkK2mvWnnzgEPalk_E

                                         
                                         188.42.224.230
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:35 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: bestadbid.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C02%7CLORENSKOG%7CXDSL%7CBROADNET+AS%7C%7C11329%7C43703%7C%3F%7C578205; oaidts=1535119952; OAID=3898dc5189bfe83ebbcd834b0feee84d; exsdsf=1535119952; pbk3=b03798969cc1966dedb61a3187e7d0806593289990671412092; ltm_afu=1; f3d5bb63c9dbdcfb475795d659c65a4e=q2I1bNeRVVtBPELTjbdEl8A5vlid7HA9jkViX15WkCw; ppucnt=1; ppucntstart=1535119953; allcnt=1; _OACCAP[1221832]=1; _OACBLOCK[1221832]=1535119953; _OXCCLK[1221832]=1; _OXPCLK[129396]=1

                                         
                                         188.42.162.193
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:36 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: reverse=2ZfqC9uM9Gzk1KSKbVS0Uuqj7rkK2mvWnnzgEPalk_E

                                         
                                         188.42.224.230
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:36 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
                                        
                                            GET /templates/audio/system-player/audio/song.mp3 HTTP/1.1 
Host: static.audienceline.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Range: bytes=0-

                                         
                                         188.42.224.230
HTTP/1.1 206 Partial Content
Content-Type: audio/mpeg
                                        
Server: nginx
Date: Fri, 24 Aug 2018 14:12:34 GMT
Content-Length: 186262
Last-Modified: Fri, 24 Aug 2018 12:35:33 GMT
Connection: keep-alive
Etag: "5b7ffb95-2d796"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Range: bytes 0-186261/186262


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware