Overview

URL whitegef.1hwy.com/allerv1/pulp.html
IP64.136.20.37
ASNAS13446 Netzero,INC.
Location United States
Report completed2017-07-23 11:39:04 CEST
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2017-07-23 11:38:31 CEST 2  64.136.20.43 Client IP ET WEB_CLIENT Hex Obfuscation of document.write % Encoding


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 64.136.20.37

Date UQ / IDS / BL URL IP
2017-10-22 08:59:17 +0200
0 - 0 - 0 louis3004212.nstemp.net/ 64.136.20.37
2017-10-20 11:00:49 +0200
0 - 0 - 4 ndek20.reunionwatch.com/songsy/ 64.136.20.37
2017-10-20 10:06:00 +0200
0 - 1 - 0 springu9.cz28.com/gi-8r/carole-hunt-pfz.html 64.136.20.37
2017-10-11 14:50:29 +0200
0 - 0 - 5 novgen.freeservers.com/price/vicodin/get-vico (...) 64.136.20.37
2017-09-24 13:00:45 +0200
0 - 1 - 0 seolfoka.gobot.com/dheab/fernt603.html 64.136.20.37
2017-09-22 12:36:31 +0200
0 - 1 - 0 sbanhkekr.iceryder.net/2006fa/chlorin1192.html 64.136.20.37
2017-09-13 12:34:26 +0200
0 - 1 - 0 danemolw.iceryder.net/jumb/ 64.136.20.37
2017-09-10 14:08:20 +0200
0 - 0 - 1 ezqdnqr.mysite.com/intim-znakomstva-v-zaporoz (...) 64.136.20.37
2017-08-31 16:12:02 +0200
0 - 0 - 4 pallcoln.mysite.com/ 64.136.20.37
2017-08-27 17:22:42 +0200
0 - 0 - 4 iautoinfo.123stones.com/2009/02/waco-texas-au (...) 64.136.20.37

Last 10 reports on ASN: AS13446 Netzero,INC.

Date UQ / IDS / BL URL IP
2017-10-22 08:59:17 +0200
0 - 0 - 0 louis3004212.nstemp.net/ 64.136.20.37
2017-10-20 11:04:54 +0200
0 - 1 - 0 ghnwkeor.iwarp.com/phots/tchfuel313.html 64.136.20.43
2017-10-20 11:00:49 +0200
0 - 0 - 4 ndek20.reunionwatch.com/songsy/ 64.136.20.37
2017-10-20 10:06:00 +0200
0 - 1 - 0 springu9.cz28.com/gi-8r/carole-hunt-pfz.html 64.136.20.37
2017-10-20 10:00:16 +0200
0 - 1 - 0 pigroajt.worldbreak.com/p4g/traeger-rump-fn.html 64.136.20.33
2017-10-20 07:56:31 +0200
0 - 1 - 4 carving.mystarship.com/afrim6/dora-and97.html 64.136.20.44
2017-10-20 01:46:42 +0200
0 - 1 - 0 shortcsd.bappy.com/chrisoc/wa0m.html 64.136.20.36
2017-10-18 19:57:41 +0200
0 - 0 - 0 thirdpartyoffers.netzero.net/TGL3232/59e78f42 (...) 64.136.53.216
2017-10-18 14:26:32 +0200
0 - 0 - 0 webmaila.juno.com/webmail/new/21 64.136.53.84
2017-10-18 12:54:55 +0200
0 - 1 - 0 simple38.scriptmania.com/fruifo/carvingk5.html 64.136.20.31

No other reports on domain: .



JavaScript

Executed Scripts (15)


Executed Evals (5)

#1 JavaScript::Eval (size: 3264, repeated: 1) - SHA256: 046be708d564c290d66e3ba9ba1ffc34b623da9556aad99e737a862681430a09

                                        (function h(b, c) {

    function e(b) {
        return function() {
            try {
                b.sending && (d = b.sending = false, l = 0, g());
            } catch (c) {}
        };
    }


    function g(b, f, g, h) {
        if (b) {
            f = {
                qs: b,
                jsd: f,
                fld: g,
                jso: h
            };
            if (0 === b.indexOf("e=21&")) {
                n(f, true);
                return;
            }
            u.push(f);
        }
        if (0 === l && 0 < u.length) {
            if (l++, b = u.shift(), b.sending = true, b.uid = c.Math.floor(10000000000 * c.Math.random()), b.timeoutId = setTimeout(e(b), 2000), t[b.uid] = b, b.fld && !b.jso && d && v && v.sendMessage) {
                try {
                    v.sendMessage(b);
                } catch (k) {
                    d = false, n(b);
                }
            } else {
                n(b);
            }
        }
    }


    function h() {
        try {
            return new r(1, 1);
        } catch (b) {
            var c = window.document.createElement("img");
            c.height = 1;
            c.width = 1;
            return c;
        }
    }


    function n(b, c) {
        var d = h();
        d.toSend = b;
        c ||
            (d.onerror = function() {
                var b = this.toSend;
                b.failedAttempts = "number" == typeof b.failedAttempts ? b.failedAttempts + 1 : 0;
                var c = (b.jsd + ("/pixel.gif?" + b.qs)).length;
                1 > b.failedAttempts ? n(b) : x && c > y && k(b);
            }, d.onload = function() {
                k(this.toSend);
            });
        d.src = b.jsd + ("/pixel.gif?" + b.qs);
    }


    function k(b) {
        var c = b && b.uid && t && t[b.uid];
        if (b && b.qs && "tracer=" == b.qs) {
            return false;
        }
        if (c) {
            t[b.uid] = null;
            try {
                delete t[b.uid];
            } catch (d) {}
            try {
                clearTimeout(c.timeoutId);
            } catch (d) {}
            if ("boolean" != typeof c.sending || c.sending) {
                c.sending = false;
            } else {
                return false;
            }
        }
        0 < l && l--;
        g();
    }

    var u = [],
        l = 0,
        v = false,
        d = false,
        r, w = c[b],
        p = c.Math.floor(10000000000 * c.Math.random()),
        t = {};
    w.yh = {};
    w = w.yh;
    r = c.Image;
    w.yi = function(b, c, d, e) {
        g(b, c, d, e);
    };
    w.yk = function(c, d) {
        v = true;
        var e = b + ".yh.",
            g = {};
        g.src = "https:" === d ? "https://z.moatads.com/swf/MessageSenderV4.swf" : "http://z.moatads.com/swf/MessageSenderV4.swf";
        g.flashVars = "r=" + e + "zb&s=" + e + "zc&e=" + e + "zd&td=" + c;
        return g;
    };
    w.yj = function() {
        return false === v;
    };
    w.xq = function() {
        return p;
    };
    w.zb = function() {
        try {
            if (true === v) {
                var b = c.document.getElementById("moatMessageSender" + p);
                b && !b.sendMessage && (b = c.document.getElementById("moatMessageSenderEmbed" + p));
                b && b.sendMessage && (d = true, v = b);
            }
        } catch (e) {}
    };
    w.zc = function(b) {
        try {
            k(b);
        } catch (c) {}
    };
    w.zd = function(b) {
        try {
            d = false, b && b.jsd && u.push(b), k(b);
        } catch (c) {}
    };
    var q, x, y = 2083;
    try {
        q = document.createElement("div"), q.innerHTML = "<!--[if IE 8]>x<![endif]-->", x = "x" === q.innerHTML;
    } catch (z) {
        x = false;
    }
})('MoatSuperV24', window)
                                    

#2 JavaScript::Eval (size: 2087, repeated: 1) - SHA256: dbece5fe7d654cc2a2907e25a78e6c9b7fe3d9dbd439863370696a6ada362084

                                        (function h(b, c) {

    function e(b) {
        var c = n.xb.Math.pow,
            e = n.xb.Math.random;
        b = (0, n.xb.Math.max)(4, b);
        return ((1 + e()) * c(16, b) | 0).toString(16).substring(0, b);
    }


    function g(b) {
        return function(c) {
            return b(c);
        };
    }


    function m(b, c) {
        if (!b || "string" !== typeof c || !b[c] || b == window) {
            return false;
        }
        if ("string" === typeof b.nodeName &&
            ("OBJECT" === b.nodeName || "EMBED" === b.nodeName)) {
            var e = document && document.body && document.body[c];
            if (e && e !== b[c]) {
                return e;
            }
        }
        return false;
    }

    c[b] = c[b] || {
        zs: false,
        zr: 0,
        yf: {},
        h: 0,
        m: 0,
        i: {},
        xa: {},
        xb: c,
        xc: {}
    };
    var n = c[b],
        h = {};
    n.xc.esde = function(b) {
        window && window.clearTimeout && window.clearTimeout(b);
    };
    n.xc.ynds = function(b, c, e, d) {
        var r, f = g(e),
            p;
        b.addEventListener ? (e = "addEventListener", r = "") : (e = "attachEvent", r = "on");
        if ((p = m(b, e))) {
            try {
                p.call(b, r + c, f, false);
            } catch (t) {
                b[e](r + c, f, false);
            }
        } else if (b && e && b[e]) {
            try {
                b[e](r + c, f, false);
            } catch (t) {}
        }
        false !== d && (h[c + d] = f);
    };
    n.xc.engn = function(b, c, e, d) {
        var r, g = c + d,
            p;
        if (!b) {
            return delete h[g], false;
        }
        e = false !== d ? h[g] : e;
        b.removeEventListener ? (d = "removeEventListener", r = "") : (d = "detachEvent", r = "on");
        if ((p = m(b, d))) {
            try {
                p.call(b, r + c, e, false);
            } catch (t) {
                b[d](r + c, e, false);
            }
        } else {
            try {
                b[d](r + c, e, false);
            } catch (t) {}
        }
        delete h[g];
    };
    n.xc.exde = function(b, c) {
        b = g(b);
        var e;
        window && window.setTimeout && (e = window.setTimeout(b, c));
        return e;
    };
    n.xc.exae = function(b, c, e) {
        return function() {
            c.apply(e || null, b.concat(b.slice.call(arguments)));
        };
    };
    n.xc.uxin = function() {
        return e(4) + ("-" + e(4) + "-" + e(4) + "-" + e(4));
    };
    n.xc.twer = function(b, c) {
        n && (n.yf || (n.yf = {}), n && n.yf && (n.yf[c] ? n.yf[c].push(b) : (n.yf[c] = [b])));
    };
})('MoatSuperV24', window)
                                    

#3 JavaScript::Eval (size: 3571, repeated: 1) - SHA256: 59df7ad042bcd970529619e8efe3e3183e9c421723d518020a6158617f580115

                                        (function h(b, c, e) {

    function g(b, c) {
        for (var e in b) {
            b.hasOwnProperty(e) && c.call(null, b[e], e);
        }
    }


    function m(b) {
        var c = [];
        g(b, function(b, e) {
            c.push(e);
        });
        return c;
    }

    b = c[b];
    b && b.xa.sode ||
        (b.xa.sode = function() {
            this.desw = {};
            this.xfgf = [];
            this.publishing_ = false;
            this.xkcd = {};
            this.edws = [];
        }, b.xa.sode.prototype.uxin = function() {
            var b = function(b) {
                b = e.max(4, b);
                return ((1 + e.random()) * e.pow(16, b) | 0).toString(16).substring(0, b);
            };
            return function(c) {
                return b(4) + ("-" + b(4) + "-" + b(4) + "-" + b(4));
            };
        }(), b.xa.sode.prototype.xsza = function(b) {
            this.desw[b] || (this.desw[b] = {});
            return this.desw[b];
        }, b.xa.sode.prototype.esgf = function(b, c) {
            this.publishing_ ? this.xfgf.push(arguments) : this.zaxs.apply(this, arguments);
        }, b.xa.sode.prototype.kswa = function(b, c) {
            for (var e = this.xkcd[b] || [], g = e && e.length, f = 0; f < g; f++) {
                if (e[f] === c) {
                    return false;
                }
            }
            e.push(c);
            e.sort(function(b, c) {
                return b - c;
            });
            this.xkcd[b] = e;
        }, b.xa.sode.prototype.aksw = function(b, c) {
            if (!this.xkcd[b]) {
                return false;
            }
            for (var e = this.xkcd[b], g = -1, f = e && e.length, d = 0; d < f; d++) {
                if (e[d] === c) {
                    g = d;
                    break;
                }
            } - 1 != g && e.splice(g, 1);
            this.xkcd[b] = e;
        }, b.xa.sode.prototype._getEventPriorities_ = function(b) {
            return this.xkcd[b] || [];
        }, b.xa.sode.prototype.azsx = function(b, c, e) {
            e = e || {};
            var g = e.id || this.uxin(),
                f;
            f = e.priority;
            f = !isNaN(f) && isFinite(f) ? parseInt(f, 10) : 10;
            for (var d = this.xsza(b), r = 0; d[g] && !e.id && 10 > r;) {
                r++, g = this.uxin();
            }
            d[f] || (d[f] = {});
            this.kswa(b, f);
            e.priority = f;
            d[f][g] = {
                cb: c,
                options: e
            };
            return g;
        }, b.xa.sode.prototype.zaxs = function(b, c) {
            if (!this.desw[b]) {
                return false;
            }
            this.publishing_ = true;
            for (var e = this.edws.slice.call(arguments, 1), g = this._getEventPriorities_(b).slice(0), f = 0, d = g.length; f < d; f++) {
                var r = this.desw[b][g[f]],
                    m;
                for (m in r) {
                    if (r.hasOwnProperty(m)) {
                        var p = r[m];
                        if (p) {
                            var t;
                            t = p.options && p.options.includeId ? [m].concat(e) : e;
                            if (!p.options || !p.options.condition || p.options.condition && p.options.condition.apply(null, t)) {
                                p.options && p.options.once && "undefined" !== typeof p.options.priority && this.sxaz(b, {
                                    id: m,
                                    priority: p.options.priority
                                }), p.cb.apply(null, t);
                            }
                        }
                    }
                }
            }
            this.publishing_ = false;
            for (e = 0; 0 < this.xfgf.length && 500 > e; e++) {
                this.zaxs.apply(this, this.xfgf.pop());
            }
        }, b.xa.sode.prototype.swaq = function(b, c, e) {
            var g = false;
            if (this.desw[b] && this.desw[b][e]) {
                try {
                    delete this.desw[b][e][c], g = true;
                } catch (f) {}
            }
            0 === m(this.desw[b][e]).length && this.aksw(b, e);
            return g;
        }, b.xa.sode.prototype.sxaz = function(b, c) {
            if (!c || "object" != typeof c || !this.desw[b]) {
                return false;
            }
            if (c.id && void 0 !== c.priority) {
                return this.swaq(b, c.id, c.priority);
            }
            if (c.id || c.callback) {
                for (var e = this._getEventPriorities_(b), g = 0, f = e.length; g < f; g++) {
                    var d = e[g];
                    if (c.id && c.callback) {
                        if (this.desw[b][d][c.id] && this.desw[b][d][c.id].cb == c.callback) {
                            return this.swaq(b, c.id, d);
                        }
                    } else if (c.id) {
                        if (this.desw[b][d][c.id]) {
                            return this.swaq(b, c.id, d);
                        }
                    } else {
                        for (var r in this.desw[b][d]) {
                            if (this.desw[b][d][r] && this.desw[b][d][r].cb == c.callback) {
                                return this.swaq(b, r, d);
                            }
                        }
                    }
                }
            }
            return false;
        }, b.xa.sode.prototype.ugin = function(b) {
            if ("string" === typeof b) {
                if (this.desw[b]) {
                    delete this.desw[b];
                } else {
                    return false;
                }
            } else {
                this.desw = {};
            }
            return true;
        });
})('MoatSuperV24', window, Math)
                                    

#4 JavaScript::Eval (size: 2831, repeated: 1) - SHA256: a01646d589423f9eca4c85c8f16fdf2fd2d30ba29ef5c88809c040b6f89a9acd

                                        (function h(b, c, e) {
    var g = c[b];
    g && g.xa.txae ||
        (g.xa.txae = function(b, c) {
            this.sxdc = g.xc.uxin();
            this.cdxs = b;
            this.xscd = {};
            this.swde = c;
            var e = this,
                f = this.swde.azsx("allAdsInWindowKilled", function(b) {
                    g.dcsx.engn({
                        listenerName: "unloadFn" + b
                    });
                    g.dcsx.engn({
                        listenerName: "beforeunloadFn" + b
                    });
                });
            this.swde.azsx("allAdsKilled", function() {
                e.swde.sxaz("allAdsInWindowKilled", {
                    id: f
                });
                g.dcsx && (g.dcsx.aqsw(), g.zs = false, g.xz = false, g.dcsx = false);
            }, {
                once: true
            });
        }, g.xa.txae.prototype.wsed = function(b, c, e, f, l) {
            this.xscd[f] || (this.xscd[f] = {});
            this.xscd[f].evt = c;
            this.xscd[f].target = b;
            this.xscd[f].periodic = true;
            var h;
            h = g.xc.exae([this], function(d, r) {
                g.xc.engn(b, c, null, f);
                if (d.xscd[f]) {
                    d.xscd[f].tid && g.xc.esde(d.xscd[f].tid);
                    d.xscd[f].tid = g.xc.exde(function() {
                        d.xscd[f].tid = null;
                        g.xc.ynds(b, c, h, f);
                    }, l);
                    try {
                        d.swde.zaxs(e, r);
                    } catch (B) {}
                }
            });
            g.xc.ynds(b, c, h, f);
        }, g.xa.txae.prototype.wsqa = function(b) {
            this.xscd[b] && (g.xc.esde(this.xscd[b].tid), g.xc.engn(this.xscd[b].target, this.xscd[b].evt, null, b), delete this.xscd[b]);
        }, g.xa.txae.prototype.qaws = function() {
            this.wsed(this.cdxs, "scroll", "scroll", "globalScrollevent" + this.sxdc, 1000);
            var b = this.cdxs.document.documentElement;
            this.wsed(b, "mousedown", "mouseEvent", "globalMouseDown" + this.sxdc, 1000);
            this.wsed(b, "mouseover", "mouseEvent", "globalMouseOver" + this.sxdc, 1000);
            this.wsed(b, "mousemove", "mouseEvent", "globalMouseMove" + this.sxdc, 5000);
            this.wsed(this.cdxs, "mousewheel", "mouseEvent", "globalMouseWheel" + this.sxdc, 5000);
            this.wsed(this.cdxs, "DOMMouseScroll", "mouseEvent", "globalMouseScroll" + this.sxdc, 5000);
            this.wsed(b, "touchstart", "mouseEvent", "globalTouchStartEvent" + this.sxdc, 1000);
            this.wsed(b, "keydown", "keyboardEvent", "globalKeyboardEvent" + this.sxdc, 1000);
        }, g.xa.txae.prototype.aqsw = function() {
            for (var b in this.xscd) {
                this.engn({
                    listenerName: b
                });
            }
        }, g.xa.txae.prototype.ynds = function(b, c, e, f) {
            if (!this.xscd[f]) {
                this.xscd[f] = {};
                this.xscd[f].evt = c;
                this.xscd[f].target = b;
                var l;
                l = g.xc.exae([this], function(b, d) {
                    b.xscd[f] && b.swde.zaxs(e, d);
                });
                g.xc.ynds(b, c, l, f);
            }
        }, g.xa.txae.prototype.engn = function(b) {
            function c(b, e) {
                b.xscd[e].periodic ? b.wsqa(e) : (g.xc.engn(b.xscd[e].target, b.xscd[e].evt, null, e), delete b.xscd[e]);
            }

            var e = b.target && b.evt,
                f = b.target && !b.evt,
                l = b.all;
            if (b.listenerName) {
                this.xscd[b.listenerName] && c(this, b.listenerName);
            } else if (e) {
                for (var h in this.xscd) {
                    (e = this.xscd[h]) && e.evt == b.evt && e.target == b.target && c(this, h);
                }
            } else if (f) {
                for (h in this.xscd) {
                    (e = this.xscd[h]) && e.target == b.target && c(this, h);
                }
            } else if (l) {
                for (h in this.xscd) {
                    (e = this.xscd[h]) && c(this, h);
                }
            }
        });
})('MoatSuperV24', window, Math)
                                    

#5 JavaScript::Eval (size: 50, repeated: 1) - SHA256: 9fda12704d141686ffade43cfc0269f3533ed4cbbdbda7ad8d37bf9e80391f9a

                                        (function(win) {
    win['Moat#EVA'] = true;
})(window)
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 3051, repeated: 1) - SHA256: 8aabbcf8988d5388c64c8340ed27eaccded5c7f8b9091e391e3a4c16a0248d9e

                                        < !DOCTYPE html > < html > < head > < title > OpenX < /title><base target='_top'/ > < /head><body style='margin:0;padding:0'><div style='position:absolute;left:0px;top:0px;visibility:hidden;'><img src='http:/ / uol - d.openx.net / w / 1.0 / rr ? ptr = c56d4cee - e3bb - 4 f67 - 83 c6 - 872 c2292b8e9 & ts = 1 fHU9MXxyaWQ9YTM4ZGU0NTktOTgzMS00YmViLTgxM2MtY2NiODcxMzIzOGE1fHJ0PTE1MDA4MDI3MTd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0xM2U0ODA2Ni02YWRiLTRmYjctODY5YS0zMTA4NjI1Mjg1M2J8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1McUpBS2dzYUp1 '/></div><script type='
text / javascript '> (function() {
    var spoutjs = document.createElement('script'),
        firstjs = document.getElementsByTagName('script')[0];
    spoutjs.async = 1;
    spoutjs.src = '//cdn.spoutable.com/ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js';
    firstjs.parentNode.insertBefore(spoutjs, firstjs)
})(); < /script><script type="text/javascript
" src="
http: //pixel.adsafeprotected.com/jload?anId=4&advId=458302234&campId=&pubId=1465680308&chanId=1500802717&placementId=a38de459-9831-4beb-813c-ccb8713238a5&bidurl=whitegef.1hwy.com"></script><noscript><img src="http://pixel.adsafeprotected.com/?anId=4&advId=458302234-ns&campId=&pubId=1465680308&chanId=1500802717&placementId=a38de459-9831-4beb-813c-ccb8713238a5&bidurl=whitegef.1hwy.com" height="1" width="1" alt=""></noscript><noscript class="MOAT-openxdisplay970503469688?moatClientLevel1=537152337&amp;moatClientLevel2=&amp;moatClientLevel3=&amp;moatClientSlicer1=69173&amp;moatClientSlicer2=537317725&amp;moatClientSlicer3=538771292&amp;zMoatOX3TRANS=a38de459-9831-4beb-813c-ccb8713238a5&amp;zMoatOX3TRANSTIME=1500802717&amp;zMoatADID=538512659&amp;zMoatSZ=1x1"></noscript>
    < script src = "https://z.moatads.com/openxdisplay970503469688/moatad.js#moatClientLevel1=537152337&moatClientLevel2=&moatClientLevel3=&moatClientSlicer1=69173&moatClientSlicer2=537317725&moatClientSlicer3=538771292&zMoatOX3TRANS=a38de459-9831-4beb-813c-ccb8713238a5&zMoatOX3TRANSTIME=1500802717&zMoatADID=538512659&zMoatSZ=1x1"
type = "text/javascript" > < /script>


< script src = "http://u.openx.net/tq/pi?k=gateway&rid=a38de459-9831-4beb-813c-ccb8713238a5&rt=1500802717"
type = "text/javascript" > < /script> < div style = 'position:absolute;left:0px;top:0px;visibility:hidden;' > < img src = 'http://uol-d.openx.net/w/1.0/ri?ptr=c56d4cee-e3bb-4f67-83c6-872c2292b8e9&ts=1fHU9MXxyaWQ9YTM4ZGU0NTktOTgzMS00YmViLTgxM2MtY2NiODcxMzIzOGE1fHJ0PTE1MDA4MDI3MTd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0xM2U0ODA2Ni02YWRiLTRmYjctODY5YS0zMTA4NjI1Mjg1M2J8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1McUpBS2dzYUp1' / > < /div></body > < /html>
                                    


HTTP Transactions (30)


Request Response
                                        
                                            GET /cgi-bin/image/images/bannertype/100X22.gif HTTP/1.1 
Host: whitegef.1hwy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         64.136.20.43
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Sun, 23 Jul 2017 09:38:31 GMT
Server: .V07 Apache
Last-Modified: Fri, 20 Apr 2001 21:43:04 GMT
Content-Length: 651
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 100 x 22
Size:   651
Md5:    73da55db643b8c2941f91c7ff18d058c
Sha1:   4238810ca9811d5de2e1653bd1892444b7b39a60
Sha256: 8364c09db7f2da436f6a3a620c0709fc8a4cfb159614012865431a06807fc175
                                        
                                            GET /w/1.0/jstag HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Vary: Accept-Encoding
Server: OXGW/11.94.1
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Sun, 23 Jul 2017 10:38:31 GMT
Date: Sun, 23 Jul 2017 09:38:31 GMT
Content-Length: 17274
Content-Encoding: gzip
Cache-Control: max-age=3600


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   17274
Md5:    127c2050ff279fc3ea4920089cc0a041
Sha1:   cb967b3d5fba86b9cedc867825b1f07d3050b4be
Sha256: 0c96a63078b36093d757694fc9e6bded088100be92504af06025ea8c4001b512
                                        
                                            GET /allerv1/pulp.html HTTP/1.1 
Host: whitegef.1hwy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         64.136.20.43
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Sun, 23 Jul 2017 09:38:30 GMT
Server: .V07 Apache
Filter-Revision: 1.220
Last-Modified: Sun Sep 25 18:31:07 2011 GMT
Content-Length: 15902
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive
X-Pad: avoid browser bug


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   15902
Md5:    ab2893bbe3457709bb8aa5b73d71c825
Sha1:   14f2dfad0188b2e789169a54b04f69dd8f73e78a
Sha256: af1d2d85838af514b8bc9317d370b14bba8711a43e873f01fe45153595399714

Alerts:
  IDS:
    - ET WEB_CLIENT Hex Obfuscation of document.write % Encoding
                                        
                                            GET /files/style.css HTTP/1.1 
Host: whitegef.1hwy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         64.136.20.43
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 23 Jul 2017 09:38:34 GMT
Server: .V07 Apache
Last-Modified: Sun, 25 Sep 2011 18:18:12 GMT
Etag: "2144f30-6530-4e7f7064"
Accept-Ranges: bytes
Content-Length: 25904
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with CRLF line terminators
Size:   25904
Md5:    ac820b9ffe771c0ec322b777fd6218a0
Sha1:   a0a1bc3c131b4419a1897d88987d3c123e7a3b9e
Sha256: 1514029b7855c36bb4eb0c19a2c4e3022958507c9b0581d2799ee8d1f36e947b
                                        
                                            GET /files/bgcolor.jpg HTTP/1.1 
Host: whitegef.1hwy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/files/style.css

                                         
                                         64.136.20.43
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 23 Jul 2017 09:38:36 GMT
Server: .V07 Apache
Last-Modified: Sun, 25 Sep 2011 18:18:15 GMT
Etag: "23e882c-79-4e7f7067"
Accept-Ranges: bytes
Content-Length: 121
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 5 x 18
Size:   121
Md5:    4a4c5d375cd4ce7431acdd3b8ccc0e8f
Sha1:   ba57a0ecad4202fbf1517a7b2099cb4b22ea324c
Sha256: 1ede5bcca40761203132d4c30d0210f609fcee71811e41c36868d10d79de12d6
                                        
                                            GET /w/1.0/acj?ai=aced2b56-aeb1-4db7-868c-ac3fd6a938dc&o=5827024924&callback=OX_5827024924&ju=http%3A//whitegef.1hwy.com/allerv1/pulp.html&jr=&auid=538771292&dims=1176x754&adxy=588%2C37&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=UTF-8&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         173.241.240.220
HTTP/1.1 302 Moved Temporarily
                                        
Set-Cookie: i=9fc1dd2e-a62c-0945-195b-0f56d2605409|1500802717; Version=1; Expires=Mon, 23-Jul-2018 09:38:37 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.94.1
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://uol-d.openx.net/w/1.0/acj?cc=1&ai=aced2b56-aeb1-4db7-868c-ac3fd6a938dc&o=5827024924&callback=OX_5827024924&ju=http%3A//whitegef.1hwy.com/allerv1/pulp.html&jr=&auid=538771292&dims=1176x754&adxy=588%2C37&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=UTF-8&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1
Date: Sun, 23 Jul 2017 09:38:37 GMT
Content-Length: 0


--- Additional Info ---
                                        
                                            GET /w/1.0/acj?cc=1&ai=aced2b56-aeb1-4db7-868c-ac3fd6a938dc&o=5827024924&callback=OX_5827024924&ju=http%3A//whitegef.1hwy.com/allerv1/pulp.html&jr=&auid=538771292&dims=1176x754&adxy=588%2C37&res=1176x885x24&plg=swf%2Cpdf%2Cwmp%2Cshk%2Cpm&ch=UTF-8&tz=-120&ws=1176x754&ifr=0&tws=1176x754&sd=1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html
Cookie: i=9fc1dd2e-a62c-0945-195b-0f56d2605409|1500802717

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Vary: Accept
Timing-Allow-Origin: *
Set-Cookie: i=9fc1dd2e-a62c-0945-195b-0f56d2605409|1500802717; Version=1; Expires=Mon, 23-Jul-2018 09:38:37 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server: OXGW/11.94.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 23 Jul 2017 09:38:37 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   1518
Md5:    e3d6680a7c082b0eb52b611e1a29945f
Sha1:   0e87d4f5bd95136d590ac550976d6e1b009d0e2f
Sha256: fa17be8ce0af185151ca506350c07403a48e0992d3200298731e02c8fe48e3a0
                                        
                                            GET /fs_img/js/overlay.js HTTP/1.1 
Host: whitegef.1hwy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html
Cookie: OX_ssn=9526250839; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.43
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sun, 23 Jul 2017 09:38:37 GMT
Server: .V07 Apache
Last-Modified: Thu, 27 Aug 2009 10:08:37 GMT
Etag: "1ee0c-1952-4a965b25"
Accept-Ranges: bytes
Content-Length: 6482
Keep-Alive: timeout=999999, max=999998
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   6482
Md5:    85f8bd82370a634fcb8f5aca3e407395
Sha1:   4065a0ff47a5b4f01df8c90adaa7a6781b4087c3
Sha256: 0c33d70a8a30833d45c2217aeaf8691b17d54c70c136593bf03f7b68109b84ed
                                        
                                            GET /ca8e5293-1232-40fe-ac95-528cdbe64295/spoutable.js HTTP/1.1 
Host: cdn.spoutable.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         104.20.69.222
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 23 Jul 2017 09:38:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d9f6ec77fd747faa1d5003c0cfe20f9001500802717; expires=Mon, 23-Jul-18 09:38:37 GMT; path=/; domain=.spoutable.com; HttpOnly
x-amz-id-2: 2vtPVb93w+rrwFDt/U+R2fh4TDYipemYlfFdaJo56XEixBZ1XYdPSPhG5srDynNARGkXWmHpNfY=
x-amz-request-id: 07BFE40559F21EC7
Last-Modified: Sat, 22 Jul 2017 16:33:01 GMT
Etag: W/"55e3bd8aae6e3f8dfec6a30c6c00df80"
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Sun, 23 Jul 2017 11:38:37 GMT
Cache-Control: public, max-age=7200
Server: cloudflare-nginx
CF-RAY: 382daaf7343342a3-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   830
Md5:    b93008db770708b345cf417cd87ab743
Sha1:   e47c0545c14b0c623064a6d0f967e85d596c1492
Sha256: f46788bdde3c0d172ac8b827d987d1b287d502a4f6f210dbd9239741081c2490
                                        
                                            GET /w/1.0/rr?ptr=c56d4cee-e3bb-4f67-83c6-872c2292b8e9&ts=1fHU9MXxyaWQ9YTM4ZGU0NTktOTgzMS00YmViLTgxM2MtY2NiODcxMzIzOGE1fHJ0PTE1MDA4MDI3MTd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0xM2U0ODA2Ni02YWRiLTRmYjctODY5YS0zMTA4NjI1Mjg1M2J8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1McUpBS2dzYUp1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html
Cookie: i=9fc1dd2e-a62c-0945-195b-0f56d2605409|1500802717

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Timing-Allow-Origin: *
Server: OXGW/11.94.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 23 Jul 2017 09:38:37 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /jload?anId=4&advId=458302234&campId=&pubId=1465680308&chanId=1500802717&placementId=a38de459-9831-4beb-813c-ccb8713238a5&bidurl=whitegef.1hwy.com HTTP/1.1 
Host: pixel.adsafeprotected.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         69.172.216.55
HTTP/1.1 200 OK
Content-Type: text/plain;charset=UTF-8
                                        
Server: nginx
Date: Sun, 23 Jul 2017 09:38:37 GMT
Transfer-Encoding: chunked
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Expires: Wed, 31 Dec 1969 23:59:59 GMT
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Access-Control-Allow-Credentials: true
X-Server-Name: app43ami.ami.303net.pvt
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   54085
Md5:    cee700c12a3716bb30187e91509d0fab
Sha1:   3ea8d9335851e55e5ee55033a4cb331890887a5b
Sha256: 2e991e50e4bc7ec1128382ad3145d52170353806c79b0dbb77377e4cade7a7ad
                                        
                                            GET /mon?anId=4&advId=458302234&campId=&pubId=1465680308&chanId=1500802717&placementId=a38de459-9831-4beb-813c-ccb8713238a5&bidurl=whitegef.1hwy.com&adsafe_url=http%3A%2F%2Fwhitegef.1hwy.com%2Fallerv1%2Fpulp.html&adsafe_type=abdfq&adsafe_jsinfo=,id:5594bf83-ca06-f9a7-2cc9-031a64a9b67a,c:jbztBz,sl:na,em:true,fr:true,mn:app43ami,pt:1-5-15,br:g,fv:10.0.45,bv:na,dm:na,abv:na,an:n,fm:qqbZgbP+11*.4,idMap:11*,pl:tP72.t0Ez.lkcY.7PHi.AHPH.TMN9.AMI3.LFMP.hwep.OJfQ,e:V,rt:1,cb:0,th:0,es:0,sa:1,sc:0,ha:1,gm:1,fif:0,uf:0,tt:jload,et:36,oid:b3f77b80-6f8a-11e7-bc9f-70106fb72ff4,v:17.3.42,sp:0,ct:na,dtm:i,gtpl:0,wr:1176.754,sr:1176.885,mf:-955835457,ov:0 HTTP/1.1 
Host: pixel.adsafeprotected.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         69.172.216.55
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 23 Jul 2017 09:38:38 GMT
Content-Length: 43
Connection: close
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
X-Server-Name: app41ami.ami.303net.pvt


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /fs_img/js/pt.js HTTP/1.1 
Host: whitegef.1hwy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html
Cookie: OX_ssn=9526250839; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.43
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sun, 23 Jul 2017 09:38:37 GMT
Server: .V07 Apache
Last-Modified: Tue, 23 Dec 2008 06:18:16 GMT
Etag: "1ee0f-133c-495082a8"
Accept-Ranges: bytes
Content-Length: 4924
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   4924
Md5:    5a579305a5ed446e5d235fdf055af4df
Sha1:   460970478d97e27013664cca14b24b312db5e837
Sha256: b7869a1ad7f1eec802fdbd1018fa315b26b3c92a13db66c9044dad80a8fc5b2f
                                        
                                            GET /w/1.0/ri?ptr=c56d4cee-e3bb-4f67-83c6-872c2292b8e9&ts=1fHU9MXxyaWQ9YTM4ZGU0NTktOTgzMS00YmViLTgxM2MtY2NiODcxMzIzOGE1fHJ0PTE1MDA4MDI3MTd8YXVpZD01Mzg3NzEyOTJ8YXVtPURNSUQuV0VCfGF1cGY9ZGlzcGxheXxzc2lkPTUzODg4ODY4OXxzaWQ9NTM3MzE3NzI1fHB1Yj02OTE3M3xwYz1VU0R8cmFpZD0xM2U0ODA2Ni02YWRiLTRmYjctODY5YS0zMTA4NjI1Mjg1M2J8cnM9MXxjbD0xfGFpZD01Mzg1MTI2NTl8dD00fGFzPTF4MXxsaWQ9NTM3ODIyOTY0fG9pZD01MzczNTI0MTl8cD0xMDAwfHByPTEwMDB8YXRiPTEwMDB8YWR2PTUzNzE1MjMzN3xhYz1VU0R8cG09UFJJQ0lORy5DUE18Ym09QlVZSU5HLkdVQVJBTlRFRURFWENMVVNJVkV8bGl0PUV8Y2k9MXx1cj1McUpBS2dzYUp1 HTTP/1.1 
Host: uol-d.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html
Cookie: i=9fc1dd2e-a62c-0945-195b-0f56d2605409|1500802717

                                         
                                         173.241.240.220
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Timing-Allow-Origin: *
Server: OXGW/11.94.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 23 Jul 2017 09:38:39 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /tq/pi?k=gateway&rid=a38de459-9831-4beb-813c-ccb8713238a5&rt=1500802717 HTTP/1.1 
Host: u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html
Cookie: i=9fc1dd2e-a62c-0945-195b-0f56d2605409|1500802717

                                         
                                         173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: OXGW/11.94.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 23 Jul 2017 09:38:39 GMT
Content-Length: 4845
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   4845
Md5:    008aeb09550894b0c9b777a82ce04f9d
Sha1:   6d39a4246d9df74fab7123d79f63107f13a291a7
Sha256: 6d39b68eed8052883c40a1feaca7dcfe51108473969e6b032d2df0ff5054e930
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Sun, 23 Jul 2017 09:32:43 GMT
Expires: Sun, 23 Jul 2017 11:32:43 GMT
Last-Modified: Tue, 06 Jun 2017 00:25:39 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 16022
Cache-Control: public, max-age=7200
Age: 356


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   16022
Md5:    09889dfa1a6bf800507b7a6799c45901
Sha1:   51b1c3f117a0874b6e5ea58bf9e8863c918db4aa
Sha256: 1c92948832be823e16d40195f5f66135368b5cb3f8a7833c3e25f558f16fecfb
                                        
                                            GET /dt?anId=4&asId=5594bf83-ca06-f9a7-2cc9-031a64a9b67a&tv={c:jbztEY,pingTime:-2,time:243,type:a,rt:1,cb:0,th:0,es:0,sa:1,sc:0,ha:1,gm:1,fif:0,,em:true,fr:true,uf:0,e:VE,tt:jload,dtt:0,fm:qqbZgbP+11*.4,idMap:11*,pd:hwep.npdsplay.dll,slid:[ox_5827024924_538771292,aws_3188],sinceFw:200,readyFired:false}&br=g HTTP/1.1 
Host: dt.adsafeprotected.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         69.172.216.111
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 23 Jul 2017 09:38:39 GMT
Content-Length: 43
Connection: close
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Pragma: no-cache
Cache-Control: no-cache
X-Server-Name: dt48ami.ami.303net.pvt


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
                                            GET /r/__utm.gif?utmwv=5.6.7&utms=1&utmn=1272542868&utmhn=whitegef.1hwy.com&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Pumpkin%20Farms%20Waukesha%20County&utmhid=1739789687&utmr=-&utmp=%2Fallerv1%2Fpulp.html&utmht=1500802719168&utmac=UA-4601892-10&utmcc=__utma%3D1.796632190.1500802719.1500802719.1500802719.1%3B%2B__utmz%3D1.1500802719.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1826670033&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         216.58.211.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Sun, 23 Jul 2017 09:38:39 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            POST / HTTP/1.1 
Host: ss.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1609
Content-Transfer-Encoding: binary
Cache-Control: max-age=455148, public, no-transform, must-revalidate
Last-Modified: Fri, 21 Jul 2017 16:01:23 GMT
Expires: Fri, 28 Jul 2017 16:01:23 GMT
Date: Sun, 23 Jul 2017 09:38:39 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1609
Md5:    8e450ab5fd9f25e817cae93fca7dcc58
Sha1:   b65cc8d9507f131a89244052b86372b375ee92d3
Sha256: cffe1b920143a790e4c10f8285e4793637f2a33eadbd0d32d94e5d14761704af
                                        
                                            GET /openxdisplay970503469688/moatad.js HTTP/1.1 
Host: z.moatads.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         104.123.123.86
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
x-amz-id-2: LW9ABDjjhoRLFMuiLpx7dpDUbuPtt70f9F99QjGprsa7Pnt+Y+DC4pJOVQATpZPmOQkpNwQ/dXo=
x-amz-request-id: BC2CB845AD3B41EC
Last-Modified: Thu, 13 Jul 2017 20:09:57 GMT
Etag: "dc44e55a18136c430b044e1b05ef95a7"
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 68811
Server: AmazonS3
Vary: Accept-Encoding
Cache-Control: max-age=25330
Date: Sun, 23 Jul 2017 09:38:39 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, was "moatad.js", from Unix, last modified: Thu Jul 13 22:09:54 2017, max compression
Size:   68811
Md5:    dc44e55a18136c430b044e1b05ef95a7
Sha1:   a9b727d75ab0e6ae80e07e87d30e7cccae565abf
Sha256: d04d6e8b4bae424155c2264cb00833e834a4551bd72418e366074d71f9818457
                                        
                                            POST / HTTP/1.1 
Host: gp.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1415
Content-Transfer-Encoding: binary
Cache-Control: max-age=453321, public, no-transform, must-revalidate
Last-Modified: Fri, 21 Jul 2017 15:31:20 GMT
Expires: Fri, 28 Jul 2017 15:31:20 GMT
Date: Sun, 23 Jul 2017 09:38:40 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1415
Md5:    18f650cb4140bcfc47c505ae356ba097
Sha1:   f3c93ff9d43b35d19fa08cef3af9b9e221c9a6e4
Sha256: 72a4bd1d17b1f1407cb5e2d3f14108c233ed239c1496ba70b0085519e6d348d4
                                        
                                            GET /fs_img/js/set_homepage.js HTTP/1.1 
Host: whitegef.1hwy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html
Cookie: OX_ssn=9526250839; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.43
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Sun, 23 Jul 2017 09:38:37 GMT
Server: .V07 Apache
Last-Modified: Thu, 25 Jun 2009 09:12:35 GMT
Etag: "1ee10-6cb-4a433f83"
Accept-Ranges: bytes
Content-Length: 1739
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   1739
Md5:    65d1bd2fb6b2997618d4487d7f0c458b
Sha1:   e176f2620fb4c3b22e8877d0770f68bed8e1421f
Sha256: 24fcc4b766d9485b2e8276c0fd71fb9f129b0e2fbc90e073afbe8a7cbd3b199b
                                        
                                            GET /n.js?e=35&ud=1&ue=1&uu=1&qm=-120&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%24GO%3B%40jZq%40Qm%3E%22mU)G37n%2B%22R%23Rzx8AkgMmfB.%2FHW%241%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1EF6pJBPJ.(0E%3AUdBE)Jp%60z03%3C(%3BP*NhtM3%40add7FjDkkcRYG%3EZcTOc%7D9cze9IUjDux1bWumA8p5pb%25F3%2FNdLlDP2%2Fh%7C%3FW390UYcRW!_vvWUuR%23Rzx8AkgMO3%3EhRB%40G)uS6kUk%3F*EY%2FwC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61J9OAO%3BKt%3BU!%2FBwj%5DUG1%25w%5E_%2Caps%3CzKUEye%7Bzb%26PmNmEV%3DKB.%3EeWDU%3CVZ~qSPef3%2BkeB%23hbl%5B_Q%24%2F~wG.1T%23VA2%3Bm_Qrw5.W%2FlTr1W*d%5BOCF%25OJ&qp=01000&qq=011100000000&qr=0&gz=0&hh=0&hn=0&qt=0&i=OPENXDISPLAY1&hp=1&zMoatOX3TRANS=a38de459-9831-4beb-813c-ccb8713238a5&zMoatOX3TRANSTIME=1500802717&zMoatADID=538512659&zMoatSZ=1x1&cm=4&kq=undefined&hq=0&hs=0&hu=0&hr=1&ht=0&bq=0&f=0&j=&o=3&t=1500802720116&de=201774509058&m=0&ar=725236f-clean&q=2&cb=0&cu=1500802720116&ll=1&lm=0&ln=1&r=10.0.45&em=3&d=537152337%3A%3A%3Aundefined&bo=69173&bp=537317725&bd=538771292&qs=1&gw=openxdisplay970503469688&fd=1&ac=1&it=500&fs=119019&na=1162391507&cs=0&callback=MoatSuperV24.gna527986 HTTP/1.1 
Host: geo.moatads.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html

                                         
                                         52.3.3.138
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 23 Jul 2017 09:38:40 GMT
Server: nginx/1.7.9
Content-Length: 79
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   79
Md5:    e968f66454a9ab80c68183b6bb6485e3
Sha1:   a457d5ec7f252c7a3e5c842c5c3376025ccd1062
Sha256: 8faa5e35d5fad889ee1a053d67cc791f99595e635871684d710cb1a0ded067fd
                                        
                                            GET /files/lancelhoff.jpg HTTP/1.1 
Host: whitegef.1hwy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/files/style.css
Cookie: OX_ssn=9526250839; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm

                                         
                                         64.136.20.43
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 23 Jul 2017 09:38:37 GMT
Server: .V07 Apache
Last-Modified: Sun, 25 Sep 2011 18:18:18 GMT
Etag: "23e882d-7fff-4e7f706a"
Accept-Ranges: bytes
Content-Length: 32767
Keep-Alive: timeout=999999, max=999999
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   32767
Md5:    21e70f3f8970fea2161de40fed5ea6b9
Sha1:   25c1aeea25926d55b584ab227683989b3e1dd857
Sha256: ccc17d10f979626f6383fd570dbf61a965dc3526dcfe298bfbbd4526a3052e86
                                        
                                            GET /tq/rpi?rid=a38de459-9831-4beb-813c-ccb8713238a5&rt=1500802717&k=gateway&referrer=&top_url=http%3A//whitegef.1hwy.com/allerv1/pulp.html&bf=%7B%22ua_browser%22%3A%22Firefox%22%2C%22ua_browser_ver%22%3A%223.6%22%2C%22phantom%22%3Afalse%2C%22browser_falses%22%3A%5B%5D%7D&lag=-23 HTTP/1.1 
Host: u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html
Cookie: i=9fc1dd2e-a62c-0945-195b-0f56d2605409|1500802717

                                         
                                         173.241.240.143
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: OXGW/11.94.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 23 Jul 2017 09:38:41 GMT
Content-Length: 43
Cache-Control: private, max-age=0, no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: whitegef.1hwy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: OX_ssn=9526250839; OX_sd=1; OX_plg=swf|pdf|wmp|shk|pm; __utma=1.796632190.1500802719.1500802719.1500802719.1; __utmb=1.1.10.1500802719; __utmc=1; __utmz=1.1500802719.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
                                         64.136.20.43
HTTP/1.1 200 Special Default
Content-Type: image/gif
                                        
Date: Sun, 23 Jul 2017 09:38:41 GMT
Server: .V07 Apache
Last-Modified: Wed, 27 Jul 2011 09:23:13 GMT
Content-Length: 1406
Keep-Alive: timeout=999999, max=999998
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1406
Md5:    d009cced4ed43383291700a3b7a18f86
Sha1:   eff142aafd81e111c728ccf1f1df36cf1c244dce
Sha256: 748f652b4067e9b431761049ae7e3b77e5cf4d3042b2cd7a3b5da379d95d8dab
                                        
                                            GET /w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909 HTTP/1.1 
Host: us-u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://whitegef.1hwy.com/allerv1/pulp.html
Cookie: i=9fc1dd2e-a62c-0945-195b-0f56d2605409|1500802717

                                         
                                         173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Vary: Accept
Set-Cookie: i=9fc1dd2e-a62c-0945-195b-0f56d2605409|1500802717; Version=1; Expires=Mon, 23-Jul-2018 09:38:42 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1500802722|9D; Version=1; Expires=Mon, 07-Aug-2017 09:38:42 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server: OXGW/11.94.1
P3P: CP="CUR ADM OUR NOR STA NID"
Date: Sun, 23 Jul 2017 09:38:42 GMT
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   144
Md5:    0ee3d1ec9516bf623a4f9f4fe1ac0de7
Sha1:   1137f814defa2d841e3e419ae46f88421ea0d1f2
Sha256: 51a1db175deb1e8e69f4e16f07fe08c2760aa1241ab979f08c9c4cb6e79892d0
                                        
                                            GET /pixel?google_nid=openx&google_cm&google_sc HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909

                                         
                                         216.58.211.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
Date: Sun, 23 Jul 2017 09:38:42 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 292
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Sun, 23-Jul-2017 09:53:42 GMT; path=/; domain=.doubleclick.net


--- Additional Info ---
Magic:  HTML document text
Size:   292
Md5:    b6e453661d0ddf68898fe6de8bf77403
Sha1:   b5ada9403c9838f483e1ab74f2b4ac290bc5e26e
Sha256: 0cebcca4b12681a67614eb3055af0918df4f03b11d0ec0394a4c39e13d791829
                                        
                                            GET /pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP/1.1 
Host: cm.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909
Cookie: test_cookie=CheckForPermission

                                         
                                         216.58.211.130
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location: http://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDUGtEEmd-mNsYN-ZGyFpgI&google_cver=1
Date: Sun, 23 Jul 2017 09:38:42 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Server: HTTP server (unknown)
Content-Length: 294
X-XSS-Protection: 1; mode=block
Set-Cookie: id=254bfea263cb54c3||t=1500802722|et=730|cs=002213fd488932f877d7491a36; expires=Tue, 23-Jul-2019 09:38:42 GMT; path=/; domain=.doubleclick.net test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUnnlDSIVgGl3FSOx26CX8YUNm1zh3N__Vv6Xqhrz1AoHWewVdJ6YA; expires=Tue, 23-Jul-2019 09:38:42 GMT; path=/; domain=.doubleclick.net; HttpOnly


--- Additional Info ---
Magic:  HTML document text
Size:   294
Md5:    48574cb5bb451d53859d1cc912807902
Sha1:   143012b7b95efd90d0cf257843fbe30513ba98e2
Sha256: f2553203ec923c3fb4feefe340483d96485eb9cc1ace5199b145894644b4d4fb
                                        
                                            GET /w/1.0/sd?id=537072991&val=CAESEDUGtEEmd-mNsYN-ZGyFpgI&google_cver=1 HTTP/1.1 
Host: us-u.openx.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://us-u.openx.net/w/1.0/pd?plm=1&ph=8ca82b03-13ea-4d33-8d11-bca9ae7e5909
Cookie: i=9fc1dd2e-a62c-0945-195b-0f56d2605409|1500802717; pd=v2|1500802722|9D

                                         
                                         173.241.240.143
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Vary: Accept
Server: OXGW/11.94.1
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Date: Sun, 23 Jul 2017 09:38:42 GMT
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   456
Md5:    7467e39ab1983c9670a59c88fceee0a4
Sha1:   bdff1b2bf82aea8e1cad76917ac9c9f69dba98b7
Sha256: ee5ea424d71fe8b8878b6b38e91ef006cec77122e315000ddbeddf26c6a0903d