Overview

URL princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
IP 192.185.197.130
ASN AS20013 CyrusOne LLC
Location United States
Report completed 2018-03-27 18:46:01 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish
Added / Verified Severity Host Comment
2018-03-24 2 princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html T-Online
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-03-27 2 princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 9 reports on IP: 192.185.197.130

Date    UQ / IDS / BL    URL    IP
2018-07-08 05:34:03 +0200    0 - 0 - 2    abcsandstonetilesgoldcoastqld.com.au/wp-conte (...)    192.185.197.130
2018-07-08 05:33:49 +0200    0 - 0 - 2    abcsandstonetilesgoldcoastqld.com.au/wp-conte (...)    192.185.197.130
2018-07-08 05:14:13 +0200    0 - 0 - 2    abcsandstonetilesgoldcoastqld.com.au/wp-admin (...)    192.185.197.130
2018-06-13 20:36:31 +0200    0 - 1 - 0    embedded.sla1.org/updat/ATT%20FILES/attiinndd (...)    192.185.197.130
2018-05-03 22:28:44 +0200    1 - 1 - 1    fairfield.sla.org/docusignpro/index.php    192.185.197.130
2018-04-17 15:55:40 +0200    0 - 0 - 3    boardwiki.sla.org/g    192.185.197.130
2018-04-17 15:55:40 +0200    0 - 0 - 3    boardwiki.sla.org/g    192.185.197.130
2018-03-28 12:20:36 +0200    0 - 0 - 1    princetontrenton.sla.org/wp-includes/images/s (...)    192.185.197.130
2018-01-10 18:38:18 +0100    0 - 0 - 0    bio.sla.org/wp-cont/n/federal/    192.185.197.130

Last 10 reports on ASN: AS20013 CyrusOne LLC

Date    UQ / IDS / BL    URL    IP
2019-03-21 19:40:26 +0100    0 - 0 - 0    www.trueblueenergy.com/    192.185.19.9
2019-03-21 19:31:44 +0100    0 - 1 - 0    www.pcvare.com/pro/temp/PCVARE-EML2PST-v6.3-D (...)    192.185.52.186
2019-03-21 19:30:32 +0100    0 - 1 - 3    transcentro.cl/license/topic/ist-kamagra-in-d (...)    192.185.16.153
2019-03-21 19:24:00 +0100    0 - 1 - 0    barcelonafisiohidro.com.br/HUD/    108.179.252.79
2019-03-21 19:12:07 +0100    0 - 0 - 4    tobrew.com.br/    192.185.216.62
2019-03-21 19:06:03 +0100    0 - 1 - 0    barcelonafisiohidro.com.br/HUD/    108.179.252.79
2019-03-21 19:03:48 +0100    0 - 0 - 1    https://lazerdishekimligi.com/    192.185.13.143
2019-03-21 18:56:54 +0100    0 - 0 - 3    https://bubdesk.com/    192.185.123.185
2019-03-21 18:22:26 +0100    0 - 0 - 6    aapnnihotel.in/files/US/Address-Changed/Payme (...)    192.185.129.151
2019-03-21 18:19:01 +0100    0 - 3 - 3    transcentro.cl/license/topic/cialis-lilly-erf (...)    192.185.16.153

No other reports on domain: sla.org



JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (4)

#1 JavaScript::Write (size: 158, repeated: 3) - SHA256: 6e29f6c31f7cb97c3e5a769e0b8535182b94993c6b2ba5780bd3cd1206155ad9

<img src="https://pixel.advertising.com/ups/56474/sync?uid=5ABA6AAD6E651A43D38F327DFF720107&redir=true&_origin=1" width="1" height="1" style="display:none;">
                                    

#2 JavaScript::Write (size: 162, repeated: 1) - SHA256: 4aeed86ffcdca2a22c9b27e49c13f3b7e8c7cd98238b987cbf86e12ac7b82d25

<script language="javascript1.1" src="https://im.banner.t-online.de/addyn/3.0/784/1617721/0/170/ADTECH;loc=100;target=_blank;grp=306;misc=1522169125545"></script>
                                    

#3 JavaScript::Write (size: 162, repeated: 1) - SHA256: 8f6736e5b94a9a2eb48ade1a15e2d0a87705d073e909c7210c9c309136a1f2d1

<script language="javascript1.1" src="https://im.banner.t-online.de/addyn/3.0/784/1617722/0/225/ADTECH;loc=100;target=_blank;grp=306;misc=1522169127723"></script>
                                    

#4 JavaScript::Write (size: 162, repeated: 1) - SHA256: d18d7d1c60d87ad5ffdfbe0a07d47145b63f40e88c01f3cee0d1f85cc613c285

<script language="javascript1.1" src="https://im.banner.t-online.de/addyn/3.0/784/1617774/0/170/ADTECH;loc=100;target=_blank;grp=306;misc=1522169127496"></script>
                                    


HTTP Transactions (37)


Request Response
                                        
                                            GET /rgdwg/T-online.de/T-online.de.html HTTP/1.1 
Host: princetontrenton.sla.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         192.185.197.130
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.12.2
Date: Tue, 27 Mar 2018 16:45:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2011 07:36:48 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3328
Md5:    5822e6a18ff67f0bc452ba7178d9c925
Sha1:   8082b0d67850229989f0665638a0fa98d64a59f3
Sha256: 59164add0d6afba3ada0d32faf04e20d6b1a73203c95d7ba12a555bec15892d5

Alerts:
  Blacklists:
    - openphish: T-Online
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: sh.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1708
Content-Transfer-Encoding: binary
Cache-Control: max-age=485753, public, no-transform, must-revalidate
Last-Modified: Mon, 26 Mar 2018 07:41:17 GMT
Expires: Mon, 2 Apr 2018 07:41:17 GMT
Date: Tue, 27 Mar 2018 16:45:25 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1708
Md5:    ac5ec9f70598500eadc68a9a9c7fecd4
Sha1:   ae4f42e46b323c1be189aac27048952c082bdfc7
Sha256: 322ccdd646a53fc96857d9938315743e937f6d05f0277d0713f0850554ba2852
                                        
                                            GET /res/sam08/css/t.css HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:22 GMT
Etag: "23e-4fa705a1d6680"
Accept-Ranges: bytes
Content-Length: 574
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text
Size:   574
Md5:    213a15f991cc9b262e29ea55798491c2
Sha1:   9362cdc13f9b9bb679c49e33ee41141e4c3a84ea
Sha256: bca5e4119835c253ad8cf954e767ffca04063b04a6c287b88268556c61a83f14
                                        
                                            GET /res/sam08/js/js08.js HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: text/x-js
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:21 GMT
Etag: "e74-4fa705a0e2440"
Accept-Ranges: bytes
Content-Length: 3700
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   3700
Md5:    207b3057791212b881b3444200d82e6c
Sha1:   90f27a90685a14eecf4dd122e45ba01d1b22d6f6
Sha256: 911de87414893350d6c9c9f021462da7f479b80b758189878ec38bc70ca28d18
                                        
                                            GET /res/sam08/images/logo.gif HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:27 GMT
Etag: "158-4fa705a69b1c0"
Accept-Ranges: bytes
Content-Length: 344
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 72 x 60
Size:   344
Md5:    629eee86bc48766a1556db5cea907c5c
Sha1:   55c1a47b351df6e4d02c6da4d5c42f05ce7c6cd0
Sha256: 73b3238b31072206911489dfe92d42e04344fba89f70e54e45a20b2f55d1f2ef
                                        
                                            GET /res/sam08/images/teaser/pic_freemail_teaser.jpg HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:27 GMT
Etag: "3613-4fa705a69b1c0"
Accept-Ranges: bytes
Content-Length: 13843
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   13843
Md5:    62710d875bbff50e2f49b34c8ce7faac
Sha1:   41e806047c897922e553600078dcc468f1fe0589
Sha256: 84ef44e84cae945006625a3075a8dd819923732479069bcf4b9d56774dd431b9
                                        
                                            GET /res/sam08/images/icon_lexikon.gif HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:25 GMT
Etag: "36-4fa705a4b2d40"
Accept-Ranges: bytes
Content-Length: 54
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 5 x 12
Size:   54
Md5:    5d428c6bfc93da33d0346e3c485b45c8
Sha1:   543bf1fc8518ee261994fe068374f625dd8731ba
Sha256: c4aa192c370a15e089f55ac3f11246a7da21318e06038ac9f515f7c9aa237886
                                        
                                            GET /res/sam08/css/grid.css HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.idm.telekom.com/res/sam08/css/t.css

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:22 GMT
Etag: "1e8b-4fa705a1d6680"
Accept-Ranges: bytes
Content-Length: 7819
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   7819
Md5:    8736218714153515b5a45d11966fa4ee
Sha1:   6ff31fe701fe314d9b2a628dfdf5e5f16310fe6f
Sha256: 80258480fa20951f05fe2d143f3281f1baf9a08777fa5944bf97178d7f8d9c34
                                        
                                            GET /res/sam08/css/normalizer.css HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.idm.telekom.com/res/sam08/css/t.css

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:22 GMT
Etag: "41b-4fa705a1d6680"
Accept-Ranges: bytes
Content-Length: 1051
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   1051
Md5:    85d80a932e76be2acd7acf2b72ec734c
Sha1:   0feb17f144b0bfc13272137368348145eeb7b48a
Sha256: 82e1e507c883fb0f791ae1fe2816564b0ad970282d52344a182f81e3cbcc2a7a
                                        
                                            GET /res/sam08/css/typo.css HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.idm.telekom.com/res/sam08/css/t.css

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:22 GMT
Etag: "c9c-4fa705a1d6680"
Accept-Ranges: bytes
Content-Length: 3228
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   3228
Md5:    b3662840dd23e614ce2024986a5e776d
Sha1:   60ec216eb387cf3451b70bc9da1531e916de21ce
Sha256: 471e8284d2b0f17847a2a3c3bb60429fe310a64cd0ae48a5daf7a057d0bb32e5
                                        
                                            GET /res/sam08/css/sam.css HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.idm.telekom.com/res/sam08/css/t.css

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:22 GMT
Etag: "6e7-4fa705a1d6680"
Accept-Ranges: bytes
Content-Length: 1767
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text
Size:   1767
Md5:    c0574d92c274c8985201d377c7fc7c51
Sha1:   8f7835a1386fbfede35687ecda37b2cc846493c3
Sha256: 76e3cac6762437ce3d4db7bf99d0378be1250cbf4cb9a7dedc590bf94e480ae8
                                        
                                            GET /res/sam08/images/48x48/hilfe.png HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:24 GMT
Etag: "fa6-4fa705a3beb00"
Accept-Ranges: bytes
Content-Length: 4006
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced
Size:   4006
Md5:    f1fa3460fd1691fdb113efb0dad5a8e1
Sha1:   c389b4da208c56ca082dff8f8c40a816772c3d25
Sha256: 6b0a4d1a786d09dd9308875c596a18e36bfb0bbed63965d64f99265d49d72ab1
                                        
                                            GET /res/sam08/css/color.css HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.idm.telekom.com/res/sam08/css/t.css

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:22 GMT
Etag: "149f-4fa705a1d6680"
Accept-Ranges: bytes
Content-Length: 5279
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   5279
Md5:    25c2344796a28df07db135e95b12739f
Sha1:   e657bec4d131a4af9e7b4a1bbdbd9214f3ec7ab0
Sha256: 5605ddc04d3687c39e375d32d00b851f2167e6f8c9bee1e2ec86cb9dec9f0bd4
                                        
                                            GET /res/sam08/images/backgrounds/headerBg.gif HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.idm.telekom.com/res/sam08/css/color.css

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:23 GMT
Etag: "610-4fa705a2ca8c0"
Accept-Ranges: bytes
Content-Length: 1552
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 2034 x 60
Size:   1552
Md5:    cb05a685870837be9f142322e6e7beec
Sha1:   d91cc37d2bdb810f4609f3de75125a4c8b87e61c
Sha256: 9c55655f0124d3fe4cff6b3bf572b711746998a32659e7c8a81857af94f9089a
                                        
                                            GET /res/sam08/images/backgrounds/tBg.gif HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.idm.telekom.com/res/sam08/css/color.css

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:23 GMT
Etag: "1ac-4fa705a2ca8c0"
Accept-Ranges: bytes
Content-Length: 428
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 674
Size:   428
Md5:    143b53365d8c26504166c38d89714ea2
Sha1:   2f6356e6b8b7aeeb664221670422d6880aa4bc58
Sha256: 8ea34560d2cde64f68f0935040494600033dd9f0b4758b9f9fa4bf5bdeee2886
                                        
                                            GET /res/sam08/images/advBtnL.gif HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.idm.telekom.com/res/sam08/css/sam.css

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:24 GMT
Etag: "3f3-4fa705a3beb00"
Accept-Ranges: bytes
Content-Length: 1011
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 36
Size:   1011
Md5:    ef24e1d0e70b4b20da101bc05315ee14
Sha1:   5a6634859b9badb5c509a6c70ec73253a57a6034
Sha256: 4b08cfea085018450fa59977b08b5de115589836fe7fd19f9ca475c5342d737a
                                        
                                            GET /res/sam08/images/backgrounds/boxBg.gif HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.idm.telekom.com/res/sam08/css/color.css

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:23 GMT
Etag: "b1-4fa705a2ca8c0"
Accept-Ranges: bytes
Content-Length: 177
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 100
Size:   177
Md5:    9781a1ce7b2c75e65e3fa8605e0d673b
Sha1:   1d2df4f1a1a90f509ddad41a36dde0b41870a4f6
Sha256: f5bfdb712e96a2e587e12287d1d0814e4f66e98ffdf91f68ea614481a25b77f4
                                        
                                            GET /res/sam08/images/advBtnR.gif HTTP/1.1 
Host: login.idm.telekom.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://login.idm.telekom.com/res/sam08/css/sam.css

                                         
                                         62.157.140.154
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 27 Mar 2018 16:45:25 GMT
Server: Apache
P3P: CP="NOI CURa TAIa OUR NOR UNI"
Last-Modified: Wed, 28 May 2014 06:59:24 GMT
Etag: "1b3-4fa705a3beb00"
Accept-Ranges: bytes
Content-Length: 435
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 18 x 36
Size:   435
Md5:    7e5b15c4f7aa1efc6e495aa8da3ec4c5
Sha1:   3a2db32e6ba2e00066e908490c52f4a2d24f6388
Sha256: 61861dbd7b6717949bcb77708faaa931e993fe3531f941aa236a992d14b1fd42
                                        
                                            POST / HTTP/1.1 
Host: sg.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1696
Content-Transfer-Encoding: binary
Cache-Control: max-age=515113, public, no-transform, must-revalidate
Last-Modified: Mon, 26 Mar 2018 15:50:39 GMT
Expires: Mon, 2 Apr 2018 15:50:39 GMT
Date: Tue, 27 Mar 2018 16:45:26 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1696
Md5:    d20fe737af056b1bc0fb878605dabf7e
Sha1:   ed980686d993c9a6b67906e22ed64c03995894ad
Sha256: e20f302e8cc2cc22c9efbef6f5139708feb07c1de481eaacd516941ac2146801
                                        
                                            GET /addyn/3.0/784/1617721/0/170/ADTECH;loc=100;target=_blank;grp=306;misc=1522169125545 HTTP/1.1 
Host: im.banner.t-online.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html

                                         
                                         152.195.15.9
HTTP/1.1 302 Found
                                        
Cache-Control: no-store, no-cache
Date: Tue, 27 Mar 2018 16:45:26 GMT
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Location: https://im.banner.t-online.de/addyn/3.0/784/1617721/0/170/ADTECH;cfp=1;rndc=1522169126;loc=100;target=_blank;grp=306;misc=1522169125545
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Pragma: no-cache
Server: nginx
Set-Cookie: CfP=1;domain=t-online.de;path=/
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /addyn/3.0/784/1617721/0/170/ADTECH;cfp=1;rndc=1522169126;loc=100;target=_blank;grp=306;misc=1522169125545 HTTP/1.1 
Host: im.banner.t-online.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
Cookie: CfP=1

                                         
                                         152.195.15.9
HTTP/1.1 302 Found
                                        
Cache-Control: no-store, no-cache
Date: Tue, 27 Mar 2018 16:45:26 GMT
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Location: https://adserver.adtech.de/addyn/3.0/784/1617721/0/170/ADTECH;rdhost=im.banner.t-online.de;cfp=1;rndc=1522169125;loc=100;target=_blank;grp=306;misc=1522169125545
Pragma: no-cache
Server: nginx
Content-Length: 0


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.entrust.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.123.128.217
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Content-Length: 2119
Last-Modified: Tue, 27 Mar 2018 14:25:30 GMT
Etag: "579109C8FF10AD0A58FAE5675CCA6AD0E1083D40"
Cache-Control: public, no-transform, must-revalidate, max-age=647
Expires: Tue, 27 Mar 2018 16:56:14 GMT
Date: Tue, 27 Mar 2018 16:45:27 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   2119
Md5:    cf80e536150607918fb1c24f68f8fb68
Sha1:   6bb86c67c3d0cdcfe7db67acde3b3a4256200912
Sha256: 7e761909016b305890729d9c6a3ba5b909531aeac56b09183dadf3ccdb349da0
                                        
                                            GET /addyn/3.0/784/1617721/0/170/ADTECH;rdhost=im.banner.t-online.de;cfp=1;rndc=1522169125;loc=100;target=_blank;grp=306;misc=1522169125545 HTTP/1.1 
Host: adserver.adtech.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html

                                         
                                         152.195.39.132
HTTP/1.1 302 Found
                                        
Cache-Control: no-store, no-cache
Date: Tue, 27 Mar 2018 16:45:27 GMT
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Location: https://adserver.adtech.de/addyn/3.0/784/1617721/0/170/ADTECH;rdhost=im.banner.t-online.de;cfp=2;rndc=1522169126;loc=100;target=_blank;grp=306;misc=1522169125545
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Pragma: no-cache
Server: nginx
Set-Cookie: CfP=2;domain=adtech.de;path=/
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /addyn/3.0/784/1617721/0/170/ADTECH;rdhost=im.banner.t-online.de;cfp=2;rndc=1522169126;loc=100;target=_blank;grp=306;misc=1522169125545 HTTP/1.1 
Host: adserver.adtech.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
Cookie: CfP=2

                                         
                                         152.195.39.132
HTTP/1.1 302 Found
                                        
Cache-Control: no-store, no-cache
Date: Tue, 27 Mar 2018 16:45:27 GMT
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Location: https://adserver.adtech.de/addyn/3.0/784/1617721/0/170/ADTECH;rdhost=im.banner.t-online.de;cfp=1;rndc=1522169126;loc=100;target=_blank;grp=306;misc=1522169125545
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Pragma: no-cache
Server: nginx
Set-Cookie: JEB2=5ABA6AAD6E651A43D38F327DFF720107;expires=Thu, 26 Mar 2020 16:45:26 GMT;domain=adtech.de;path=/
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /addyn/3.0/784/1617721/0/170/ADTECH;rdhost=im.banner.t-online.de;cfp=1;rndc=1522169126;loc=100;target=_blank;grp=306;misc=1522169125545 HTTP/1.1 
Host: adserver.adtech.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
Cookie: CfP=2; JEB2=5ABA6AAD6E651A43D38F327DFF720107

                                         
                                         152.195.39.132
HTTP/1.1 302 Found
                                        
Cache-Control: no-store, no-cache
Date: Tue, 27 Mar 2018 16:45:27 GMT
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Location: https://im.banner.t-online.de/addyn/3.0/784/1617721/0/170/ADTECH;uuid=5ABA6AAD6E651A43D38F327DFF720107;cfp=1;rndc=1522169127;loc=100;target=_blank;grp=306;misc=1522169125545
Pragma: no-cache
Server: nginx
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /addyn/3.0/784/1617721/0/170/ADTECH;uuid=5ABA6AAD6E651A43D38F327DFF720107;cfp=1;rndc=1522169127;loc=100;target=_blank;grp=306;misc=1522169125545 HTTP/1.1 
Host: im.banner.t-online.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
Cookie: CfP=1

                                         
                                         152.195.15.9
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Cache-Control: no-store, no-cache
Date: Tue, 27 Mar 2018 16:45:27 GMT
Expires: Mon, 15 Jun 1998 00:00:00 GMT
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Pragma: no-cache
Server: Adtech Adserver
Set-Cookie: CS1=2;expires=Thu, 26 Mar 2020 16:45:26 GMT;domain=t-online.de;path=/
Set-Cookie: JEB2=5ABA6AAD6E651A43D38F327DFF720107;expires=Thu, 26 Mar 2020 16:45:26 GMT;domain=t-online.de;path=/
Content-Length: 180


--- Additional Info ---
Magic:  ASCII text
Size:   180
Md5:    1e434cc7dbe351552d955e69e12a9e22
Sha1:   fa87ebecb64d6d3881d9e9681d206642454b7840
Sha256: 17e2e73ba3da87e84e2630488dc110d4a02b1bb80ae322d0f4d694623f53a084
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Tue, 27 Mar 2018 16:45:27 GMT
Etag: "5aba1fa5-1d7"
Expires: Thu, 29 Mar 2018 16:45:27 GMT
Last-Modified: Tue, 27 Mar 2018 10:40:37 GMT
Server: ECS (arn/467B)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    9746707cc43fe242d846706355b40a51
Sha1:   4e7a54c75625495fd6eec401c2bf45ba606dd796
Sha256: 6d5630b2667f046afcd316a92883b2a804aaa697c3647191361d1c9f5e0e337d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=172800
Date: Tue, 27 Mar 2018 16:45:27 GMT
Etag: "5aba27d1-1d7"
Expires: Thu, 29 Mar 2018 16:45:27 GMT
Last-Modified: Tue, 27 Mar 2018 11:15:29 GMT
Server: ECS (arn/4598)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    04d981e16fa46f1899e72ad813fb9cd7
Sha1:   cdf9ba6cc1950995966edd94751c47f80e6a383c
Sha256: 7188807d80d465441d5507d436d4da528a9c8f75893d5e398fb43d0704c384f1
                                        
                                            GET /addyn/3.0/784/1617774/0/170/ADTECH;loc=100;target=_blank;grp=306;misc=1522169127496 HTTP/1.1 
Host: im.banner.t-online.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
Cookie: CfP=1; CS1=2; JEB2=5ABA6AAD6E651A43D38F327DFF720107

                                         
                                         152.195.15.9
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Cache-Control: no-store, no-cache
Date: Tue, 27 Mar 2018 16:45:27 GMT
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Pragma: no-cache
Server: Adtech Adserver
Content-Length: 180


--- Additional Info ---
Magic:  ASCII text
Size:   180
Md5:    1e434cc7dbe351552d955e69e12a9e22
Sha1:   fa87ebecb64d6d3881d9e9681d206642454b7840
Sha256: 17e2e73ba3da87e84e2630488dc110d4a02b1bb80ae322d0f4d694623f53a084
                                        
                                            GET /ups/56474/sync?uid=5ABA6AAD6E651A43D38F327DFF720107&redir=true&_origin=1 HTTP/1.1 
Host: pixel.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html

                                         
                                         35.159.6.115
HTTP/1.1 302 Found
                                        
Date: Tue, 27 Mar 2018 16:45:27 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: APID=UP4074b0fb-31de-11e8-a217-060510d61bd8;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Thu, 28-Mar-2019 16:45:26 GMT
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://pixel.advertising.com/ups/56474/sync?uid=5ABA6AAD6E651A43D38F327DFF720107&redir=true&_origin=1&verify=true


--- Additional Info ---
                                        
                                            GET /ups/56474/sync?uid=5ABA6AAD6E651A43D38F327DFF720107&redir=true&_origin=1&verify=true HTTP/1.1 
Host: pixel.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
Cookie: APID=UP4074b0fb-31de-11e8-a217-060510d61bd8

                                         
                                         35.159.6.115
HTTP/1.1 302 Found
                                        
Date: Tue, 27 Mar 2018 16:45:27 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: IDSYNC=17kq~1cxs;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Thu, 28-Mar-2019 16:45:26 GMT
Set-Cookie: APID=UP4074b0fb-31de-11e8-a217-060510d61bd8;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Thu, 28-Mar-2019 16:45:26 GMT
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://im.banner.t-online.de/bind?ckey1=APID;cvalue1=UP4074b0fb-31de-11e8-a217-060510d61bd8;apidSync=1;expiresDays=366


--- Additional Info ---
                                        
                                            GET /addyn/3.0/784/1617722/0/225/ADTECH;loc=100;target=_blank;grp=306;misc=1522169127723 HTTP/1.1 
Host: im.banner.t-online.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
Cookie: CfP=1; CS1=2; JEB2=5ABA6AAD6E651A43D38F327DFF720107

                                         
                                         152.195.15.9
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Cache-Control: no-store, no-cache
Date: Tue, 27 Mar 2018 16:45:27 GMT
Expires: Mon, 15 Jun 1998 00:00:00 GMT
Pragma: no-cache
Server: Adtech Adserver
Content-Length: 180


--- Additional Info ---
Magic:  ASCII text
Size:   180
Md5:    1e434cc7dbe351552d955e69e12a9e22
Sha1:   fa87ebecb64d6d3881d9e9681d206642454b7840
Sha256: 17e2e73ba3da87e84e2630488dc110d4a02b1bb80ae322d0f4d694623f53a084
                                        
                                            GET /ups/56474/sync?uid=5ABA6AAD6E651A43D38F327DFF720107&redir=true&_origin=1 HTTP/1.1 
Host: pixel.advertising.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
Cookie: APID=UP4074b0fb-31de-11e8-a217-060510d61bd8; IDSYNC=17kq~1cxs

                                         
                                         35.159.6.115
HTTP/1.1 302 Found
                                        
Date: Tue, 27 Mar 2018 16:45:27 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: IDSYNC=17kq~1cxs;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Thu, 28-Mar-2019 16:45:27 GMT
Set-Cookie: APID=UP4074b0fb-31de-11e8-a217-060510d61bd8;Version=1;Domain=.advertising.com;Path=/;Max-Age=31622400;Expires=Thu, 28-Mar-2019 16:45:27 GMT
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://im.banner.t-online.de/bind?ckey1=APID;cvalue1=UP4074b0fb-31de-11e8-a217-060510d61bd8;apidSync=1;expiresDays=366


--- Additional Info ---
                                        
                                            GET /bind?ckey1=APID;cvalue1=UP4074b0fb-31de-11e8-a217-060510d61bd8;apidSync=1;expiresDays=366 HTTP/1.1 
Host: im.banner.t-online.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
Cookie: CfP=1; CS1=2; JEB2=5ABA6AAD6E651A43D38F327DFF720107

                                         
                                         152.195.15.9
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Cache-Control: no-store, no-cache
Date: Tue, 27 Mar 2018 16:45:28 GMT
Expires: Mon, 15 Jun 1998 00:00:00 GMT
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Pragma: no-cache
Server: nginx
Set-Cookie: APID=UP4074b0fb-31de-11e8-a217-060510d61bd8;expires=Thu, 28 Mar 2019 16:45:28 GMT;domain=t-online.de;path=/
Set-Cookie: APIDTS=1522169128;expires=Thu, 28 Mar 2019 16:45:28 GMT;domain=t-online.de;path=/
Content-Length: 1


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    7215ee9c7d9dc229d2921a40e899ec5f
Sha1:   b858cb282617fb0956d960215c8e84d1ccf909c6
Sha256: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
                                        
                                            GET /bind?ckey1=APID;cvalue1=UP4074b0fb-31de-11e8-a217-060510d61bd8;apidSync=1;expiresDays=366 HTTP/1.1 
Host: im.banner.t-online.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html
Cookie: CfP=1; CS1=2; JEB2=5ABA6AAD6E651A43D38F327DFF720107

                                         
                                         152.195.15.9
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Cache-Control: no-store, no-cache
Date: Tue, 27 Mar 2018 16:45:28 GMT
Expires: Mon, 15 Jun 1998 00:00:00 GMT
P3P: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
Pragma: no-cache
Server: nginx
Set-Cookie: APID=UP4074b0fb-31de-11e8-a217-060510d61bd8;expires=Thu, 28 Mar 2019 16:45:28 GMT;domain=t-online.de;path=/
Set-Cookie: APIDTS=1522169128;expires=Thu, 28 Mar 2019 16:45:28 GMT;domain=t-online.de;path=/
Content-Length: 1


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    7215ee9c7d9dc229d2921a40e899ec5f
Sha1:   b858cb282617fb0956d960215c8e84d1ccf909c6
Sha256: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: princetontrenton.sla.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         192.185.197.130
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/1.12.2
Date: Tue, 27 Mar 2018 16:45:46 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 19 Nov 2013 09:45:50 GMT
Accept-Ranges: bytes


--- Additional Info ---
                                        
                                            GET /cgi-bin/ivw-ssl/CP/06080000;/SAM/CMPNOTOID/SingleLogin.tmpl?r=&amp;d=1522169125000 HTTP/1.1 
Host: spixl.sda.t-online.de
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://princetontrenton.sla.org/rgdwg/T-online.de/T-online.de.html

                                         
                                         0.0.0.0
                                        


--- Additional Info ---