Overview

URL nwpresby.org.pandastats.net/
IP69.197.159.66
ASNAS32097 WholeSale Internet, Inc.
Location United States
Report completed2018-02-13 19:07:42 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-02-13 2 nwpresby.org.pandastats.net/ Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 69.197.159.66

Date UQ / IDS / BL URL IP
2018-07-08 10:51:37 +0200
0 - 0 - 1 unyumc.org.pandastats.net/ 69.197.159.66
2018-07-06 14:48:03 +0200
0 - 0 - 1 tnmed.org.pandastats.net/ 69.197.159.66
2018-07-03 07:35:30 +0200
0 - 0 - 0 69.197.159.66 69.197.159.66
2018-07-02 15:11:32 +0200
0 - 0 - 1 stmarysoakridge.org.pandastats.net/ 69.197.159.66
2018-07-02 13:16:14 +0200
0 - 0 - 1 bainbridgeyouthservices.org.pandastats.net/ 69.197.159.66
2018-06-30 14:04:46 +0200
0 - 0 - 1 pacificfishhabitat.org.pandastats.net/ 69.197.159.66
2018-06-29 10:39:05 +0200
0 - 0 - 1 authenticreflection.org.pandastats.net/ 69.197.159.66
2018-06-26 07:45:56 +0200
0 - 0 - 1 columbuscomp.org.pandastats.net/ 69.197.159.66
2018-06-25 08:20:03 +0200
0 - 0 - 1 19463.us.pandastats.net/ 69.197.159.66
2018-06-05 13:05:31 +0200
0 - 0 - 1 homeaidatlanta.org.pandastats.net/ 69.197.159.66

Last 10 reports on ASN: AS32097 WholeSale Internet, Inc.

Date UQ / IDS / BL URL IP
2018-09-17 12:15:09 +0200
0 - 0 - 0 www.bizarre.online 173.208.200.218
2018-09-17 11:38:27 +0200
0 - 0 - 0 vadfsa.6te.net 173.208.195.156
2018-09-17 10:57:01 +0200
0 - 0 - 0 beaufurn.com 208.110.70.26
2018-09-08 01:41:44 +0200
0 - 0 - 3 crswys.loan/b45.php 173.208.133.66
2018-09-08 01:14:31 +0200
0 - 0 - 4 x7b8t.info/b84.php?tag= 173.208.136.213
2018-09-08 01:06:45 +0200
0 - 3 - 3 beuvq.info/dxx 173.208.133.67
2018-09-08 00:44:33 +0200
0 - 3 - 3 g0nfdms1.ltd/hbb 173.208.133.67
2018-09-08 00:12:56 +0200
0 - 3 - 3 szfjwq.ltd/b58.php 173.208.133.68
2018-09-08 00:10:22 +0200
0 - 0 - 3 drwwlt.loan/b65.php 173.208.133.70
2018-09-07 23:48:57 +0200
0 - 3 - 3 ydmlz3hd.ltd/b26.php 173.208.133.69

No other reports on domain: pandastats.net



JavaScript

Executed Scripts (25)


Executed Evals (0)


Executed Writes (8)

#1 JavaScript::Write (size: 2568, repeated: 1) - SHA256: e514f8d53491ca1225e40733a84e6cce86f1fb443af7cac88b974dd440eaed87

                                        < !doctype html > < html > < body > < iframe style = "display:none"
data - ad - client = "ca-pub-3744029866517417"
id = "google_esf"
name = "google_esf"
src = "https://googleads.g.doubleclick.net/pagead/html/r20180207/r20170110/zrt_lookup.html#" > < /iframe><script>google_ad_format="326x250";google_ad_client="ca-pub-3744029866517417";google_adsbygoogle_status="done";gfwroml="";gfwromr="";gfwroh="";gfwrow="";gfwroz="";google_full_width_responsive_allowed=false;google_fwr_non_expansion_reason=2;google_responsive_formats=1;google_ad_width=326;google_ad_height=250;google_ad_resizable=true;google_override_format=1;google_responsive_auto_format=3;google_loader_features_used=128;google_ad_modifications={"plle":true,"eids":["62710015","62710017","38893302","21061122","191880502"],"loeids":["38893312"]};google_loader_used="aa";google_reactive_tag_first=true;google_ad_unit_key="1970189370";google_ad_dom_fingerprint="807048394";google_sailm=false;google_unique_id=1;google_async_iframe_id="aswift_0";google_start_time=1518545618931;google_pub_vars="JTdCJTIyZ29vZ2xlX2FkX2Zvcm1hdCUyMiUzQSUyMjMyNngyNTAlMjIlMkMlMjJnb29nbGVfYWRfY2xpZW50JTIyJTNBJTIyY2EtcHViLTM3NDQwMjk4NjY1MTc0MTclMjIlMkMlMjJnb29nbGVfYWRzYnlnb29nbGVfc3RhdHVzJTIyJTNBJTIyZG9uZSUyMiUyQyUyMmdmd3JvbWwlMjIlM0ElMjIlMjIlMkMlMjJnZndyb21yJTIyJTNBJTIyJTIyJTJDJTIyZ2Z3cm9oJTIyJTNBJTIyJTIyJTJDJTIyZ2Z3cm93JTIyJTNBJTIyJTIyJTJDJTIyZ2Z3cm96JTIyJTNBJTIyJTIyJTJDJTIyZ29vZ2xlX2Z1bGxfd2lkdGhfcmVzcG9uc2l2ZV9hbGxvd2VkJTIyJTNBZmFsc2UlMkMlMjJnb29nbGVfZndyX25vbl9leHBhbnNpb25fcmVhc29uJTIyJTNBMiUyQyUyMmdvb2dsZV9yZXNwb25zaXZlX2Zvcm1hdHMlMjIlM0ExJTJDJTIyZ29vZ2xlX2FkX3dpZHRoJTIyJTNBMzI2JTJDJTIyZ29vZ2xlX2FkX2hlaWdodCUyMiUzQTI1MCUyQyUyMmdvb2dsZV9hZF9yZXNpemFibGUlMjIlM0F0cnVlJTJDJTIyZ29vZ2xlX292ZXJyaWRlX2Zvcm1hdCUyMiUzQTElMkMlMjJnb29nbGVfcmVzcG9uc2l2ZV9hdXRvX2Zvcm1hdCUyMiUzQTMlMkMlMjJnb29nbGVfbG9hZGVyX2ZlYXR1cmVzX3VzZWQlMjIlM0ExMjglMkMlMjJnb29nbGVfYWRfbW9kaWZpY2F0aW9ucyUyMiUzQSU3QiUyMnBsbGUlMjIlM0F0cnVlJTJDJTIyZWlkcyUyMiUzQSU1QiUyMjYyNzEwMDE1JTIyJTJDJTIyNjI3MTAwMTclMjIlMkMlMjIzODg5MzMwMiUyMiUyQyUyMjIxMDYxMTIyJTIyJTJDJTIyMTkxODgwNTAyJTIyJTVEJTJDJTIybG9laWRzJTIyJTNBJTVCJTIyMzg4OTMzMTIlMjIlNUQlN0QlMkMlMjJnb29nbGVfbG9hZGVyX3VzZWQlMjIlM0ElMjJhYSUyMiUyQyUyMmdvb2dsZV9yZWFjdGl2ZV90YWdfZmlyc3QlMjIlM0F0cnVlJTJDJTIyZ29vZ2xlX2FkX3VuaXRfa2V5JTIyJTNBJTIyMTk3MDE4OTM3MCUyMiUyQyUyMmdvb2dsZV9hZF9kb21fZmluZ2VycHJpbnQlMjIlM0ElMjI4MDcwNDgzOTQlMjIlN0Q=";google_bpp=19;google_async_rrc=0;google_iframe_start_time=new Date().getTime();</script > < script src = "http://pagead2.googlesyndication.com/pagead/js/r20180207/r20170110/show_ads_impl.js" > < /script></body > < /html>
                                    

#2 JavaScript::Write (size: 2365, repeated: 1) - SHA256: b55da525f1217d72799c9fa7b73b2bfcde47242bc44bf69c918672210fdad918

                                        < !doctype html > < html > < body > < script > google_ad_format = "300x600";
google_ad_client = "ca-pub-3744029866517417";
google_adsbygoogle_status = "done";
gfwroml = "";
gfwromr = "";
gfwroh = "";
gfwrow = "";
gfwroz = "";
google_full_width_responsive_allowed = false;
google_fwr_non_expansion_reason = 2;
google_responsive_formats = 4;
google_ad_width = 300;
google_ad_height = 600;
google_ad_resizable = true;
google_override_format = 1;
google_responsive_auto_format = 4;
google_loader_features_used = 128;
google_ad_modifications = {
    "plle": true,
    "eids": ["62710015", "62710017", "38893302", "21061122", "191880502"],
    "loeids": ["38893312"]
};
google_loader_used = "aa";
google_reactive_tag_first = true;
google_ad_unit_key = "4088835707";
google_ad_dom_fingerprint = "807048394";
google_sailm = false;
google_unique_id = 2;
google_async_iframe_id = "aswift_1";
google_start_time = 1518545620564;
google_pub_vars = "JTdCJTIyZ29vZ2xlX2FkX2Zvcm1hdCUyMiUzQSUyMjMwMHg2MDAlMjIlMkMlMjJnb29nbGVfYWRfY2xpZW50JTIyJTNBJTIyY2EtcHViLTM3NDQwMjk4NjY1MTc0MTclMjIlMkMlMjJnb29nbGVfYWRzYnlnb29nbGVfc3RhdHVzJTIyJTNBJTIyZG9uZSUyMiUyQyUyMmdmd3JvbWwlMjIlM0ElMjIlMjIlMkMlMjJnZndyb21yJTIyJTNBJTIyJTIyJTJDJTIyZ2Z3cm9oJTIyJTNBJTIyJTIyJTJDJTIyZ2Z3cm93JTIyJTNBJTIyJTIyJTJDJTIyZ2Z3cm96JTIyJTNBJTIyJTIyJTJDJTIyZ29vZ2xlX2Z1bGxfd2lkdGhfcmVzcG9uc2l2ZV9hbGxvd2VkJTIyJTNBZmFsc2UlMkMlMjJnb29nbGVfZndyX25vbl9leHBhbnNpb25fcmVhc29uJTIyJTNBMiUyQyUyMmdvb2dsZV9yZXNwb25zaXZlX2Zvcm1hdHMlMjIlM0E0JTJDJTIyZ29vZ2xlX2FkX3dpZHRoJTIyJTNBMzAwJTJDJTIyZ29vZ2xlX2FkX2hlaWdodCUyMiUzQTYwMCUyQyUyMmdvb2dsZV9hZF9yZXNpemFibGUlMjIlM0F0cnVlJTJDJTIyZ29vZ2xlX292ZXJyaWRlX2Zvcm1hdCUyMiUzQTElMkMlMjJnb29nbGVfcmVzcG9uc2l2ZV9hdXRvX2Zvcm1hdCUyMiUzQTQlMkMlMjJnb29nbGVfbG9hZGVyX2ZlYXR1cmVzX3VzZWQlMjIlM0ExMjglMkMlMjJnb29nbGVfYWRfbW9kaWZpY2F0aW9ucyUyMiUzQSU3QiUyMnBsbGUlMjIlM0F0cnVlJTJDJTIyZWlkcyUyMiUzQSU1QiUyMjYyNzEwMDE1JTIyJTJDJTIyNjI3MTAwMTclMjIlMkMlMjIzODg5MzMwMiUyMiUyQyUyMjIxMDYxMTIyJTIyJTJDJTIyMTkxODgwNTAyJTIyJTVEJTJDJTIybG9laWRzJTIyJTNBJTVCJTIyMzg4OTMzMTIlMjIlNUQlN0QlMkMlMjJnb29nbGVfbG9hZGVyX3VzZWQlMjIlM0ElMjJhYSUyMiUyQyUyMmdvb2dsZV9yZWFjdGl2ZV90YWdfZmlyc3QlMjIlM0F0cnVlJTJDJTIyZ29vZ2xlX2FkX3VuaXRfa2V5JTIyJTNBJTIyNDA4ODgzNTcwNyUyMiUyQyUyMmdvb2dsZV9hZF9kb21fZmluZ2VycHJpbnQlMjIlM0ElMjI4MDcwNDgzOTQlMjIlN0Q=";
google_bpp = 139;
google_async_rrc = 0;
google_iframe_start_time = new Date().getTime(); < /script><script src="http:/ / pagead2.googlesyndication.com / pagead / js / r20180207 / r20170110 / show_ads_impl.js "></script></body></html>
                                    

#3 JavaScript::Write (size: 1399, repeated: 1) - SHA256: c813f97c1602b965a1ce92f53af9db3f6bd2d1c9a35293322264cb2a1b7af332

                                        < !doctype html > < html > < body > < script > google_reactive_ads_config = {};
google_ad_client = "pub-3744029866517417";
google_ad_modifications = {
    "plle": true,
    "eids": ["62710015", "62710017", "38893302", "21061122", "191880502"],
    "loeids": ["38893312"]
};
google_loader_used = "aa";
google_reactive_tag_first = true;
google_ad_format = "0x0";
google_ad_unit_key = "1812271804";
google_ad_dom_fingerprint = "807048394";
google_sailm = false;
google_unique_id = 2;
google_async_iframe_id = "aswift_2";
google_start_time = 1518545620564;
google_pub_vars = "JTdCJTIyZ29vZ2xlX3JlYWN0aXZlX2Fkc19jb25maWclMjIlM0ElN0IlN0QlMkMlMjJnb29nbGVfYWRfY2xpZW50JTIyJTNBJTIycHViLTM3NDQwMjk4NjY1MTc0MTclMjIlMkMlMjJnb29nbGVfYWRfbW9kaWZpY2F0aW9ucyUyMiUzQSU3QiUyMnBsbGUlMjIlM0F0cnVlJTJDJTIyZWlkcyUyMiUzQSU1QiUyMjYyNzEwMDE1JTIyJTJDJTIyNjI3MTAwMTclMjIlMkMlMjIzODg5MzMwMiUyMiUyQyUyMjIxMDYxMTIyJTIyJTJDJTIyMTkxODgwNTAyJTIyJTVEJTJDJTIybG9laWRzJTIyJTNBJTVCJTIyMzg4OTMzMTIlMjIlNUQlN0QlMkMlMjJnb29nbGVfbG9hZGVyX3VzZWQlMjIlM0ElMjJhYSUyMiUyQyUyMmdvb2dsZV9yZWFjdGl2ZV90YWdfZmlyc3QlMjIlM0F0cnVlJTJDJTIyZ29vZ2xlX2FkX2Zvcm1hdCUyMiUzQSUyMjB4MCUyMiUyQyUyMmdvb2dsZV9hZF91bml0X2tleSUyMiUzQSUyMjE4MTIyNzE4MDQlMjIlMkMlMjJnb29nbGVfYWRfZG9tX2ZpbmdlcnByaW50JTIyJTNBJTIyODA3MDQ4Mzk0JTIyJTdE";
google_bpp = 684;
google_async_rrc = 0;
google_iframe_start_time = new Date().getTime(); < /script><script src="http:/ / pagead2.googlesyndication.com / pagead / js / r20180207 / r20170110 / show_ads_impl.js "></script></body></html>
                                    

#4 JavaScript::Write (size: 1386, repeated: 1) - SHA256: 0537f6eeda33b7fc76e1533e990ff5ad57eb52b9b98c7b2a5f9c1f816c3cc66d

                                        < iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "326"
height = "250"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3744029866517417&amp;output=html&amp;h=250&amp;adk=1970189370&amp;adf=807048394&amp;w=326&amp;fwrn=2&amp;lmt=1518545617&amp;loeid=38893312&amp;rafmt=3&amp;format=326x250&amp;url=http%3A%2F%2Fnwpresby.org.pandastats.net%2F&amp;ea=0&amp;flash=10.0.45&amp;fwr=0&amp;resp_fmts=1&amp;wgl=0&amp;adsid=NT&amp;dt=1518545618931&amp;bpp=19&amp;fdt=26&amp;idt=221&amp;shv=r20180207&amp;cbv=r20170110&amp;saldr=aa&amp;correlator=3621671703041&amp;frm=20&amp;ga_vid=662743780.1518545620&amp;ga_sid=1518545620&amp;ga_hid=1818591296&amp;ga_fc=0&amp;pv=2&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=105&amp;ady=172&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;scr_x=0&amp;scr_y=0&amp;eid=62710015%2C62710017%2C38893302%2C21061122%2C191880502%2C389613001%2C41667000&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=784&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=144&amp;bc=1&amp;ifi=1&amp;dtd=1167"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#5 JavaScript::Write (size: 1418, repeated: 1) - SHA256: 45e07529e516999084e423bcfb85babcfc716758fa6c6bada7a231454d7143c7

                                        < iframe id = "google_ads_frame2"
name = "google_ads_frame2"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3744029866517417&amp;output=html&amp;adk=1812271804&amp;adf=807048394&amp;lmt=1518545617&amp;loeid=38893312&amp;plat=1%3A1085448%2C2%3A17862664%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C25%3A32768%2C26%3A32768&amp;format=0x0&amp;url=http%3A%2F%2Fnwpresby.org.pandastats.net%2F&amp;ea=0&amp;flash=10.0.45&amp;pra=5&amp;wgl=0&amp;adsid=NT&amp;dt=1518545620564&amp;bpp=684&amp;fdt=687&amp;idt=791&amp;shv=r20180207&amp;cbv=r20170110&amp;saldr=aa&amp;prev_fmts=326x250%2C300x600&amp;correlator=3621671703041&amp;frm=20&amp;ga_vid=662743780.1518545620&amp;ga_sid=1518545620&amp;ga_hid=1818591296&amp;ga_fc=0&amp;pv=1&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=0&amp;ady=0&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;scr_x=0&amp;scr_y=0&amp;eid=62710015%2C62710017%2C38893302%2C21061122%2C191880502%2C389613001%2C41667000&amp;oid=3&amp;rx=0&amp;eae=6&amp;fc=784&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7Cr%7C&amp;abl=CS&amp;ppjl=u&amp;fu=16&amp;bc=1&amp;ifi=2&amp;dtd=826"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#6 JavaScript::Write (size: 1409, repeated: 1) - SHA256: 2cb533ef4b2ce166cf2b6124ddb60d4f484c39dcd6d46fa350b624511917e669

                                        < iframe id = "google_ads_frame2"
name = "google_ads_frame2"
width = "300"
height = "600"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3744029866517417&amp;output=html&amp;h=600&amp;adk=4088835707&amp;adf=807048394&amp;w=300&amp;fwrn=2&amp;lmt=1518545617&amp;loeid=38893312&amp;rafmt=4&amp;format=300x600&amp;url=http%3A%2F%2Fnwpresby.org.pandastats.net%2F&amp;ea=0&amp;flash=10.0.45&amp;fwr=0&amp;resp_fmts=4&amp;wgl=0&amp;adsid=NT&amp;dt=1518545620564&amp;bpp=139&amp;fdt=143&amp;idt=610&amp;shv=r20180207&amp;cbv=r20170110&amp;saldr=aa&amp;prev_fmts=326x250&amp;correlator=3621671703041&amp;frm=20&amp;ga_vid=662743780.1518545620&amp;ga_sid=1518545620&amp;ga_hid=1818591296&amp;ga_fc=0&amp;pv=1&amp;icsg=0&amp;nhd=1&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=60&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=749&amp;ady=147&amp;biw=1159&amp;bih=754&amp;abxe=1&amp;scr_x=0&amp;scr_y=0&amp;eid=62710015%2C62710017%2C38893302%2C21061122%2C191880502%2C389613001%2C41667000&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=784&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=144&amp;bc=1&amp;ifi=2&amp;dtd=656"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#7 JavaScript::Write (size: 108, repeated: 1) - SHA256: 60cdf17091050e9d8c0c5fa8705f070d01f8feb6a2a30e14c61e09ab00bc023f

                                        < script type = "text/javascript"
src = "https://ssl.gstatic.com/trends_nrtr/1308_RC02/embed_loader.js" > < /script>
                                    

#8 JavaScript::Write (size: 142, repeated: 1) - SHA256: 7625788b9c9969bb77bc33ae450aece9c3443e0379c6bb2b91c06e1200baad27

                                        < script > trends.embed.renderExploreWidgetFromOldParamaters("hl=nl&q=Nwpresby&content=1&cid=TIMESERIES_GRAPH_0&export=5&w=500&h=200"); < /script>
                                    


HTTP Transactions (41)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: nwpresby.org.pandastats.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         69.197.159.66
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Tue, 13 Feb 2018 18:31:35 GMT
Server: Apache/2.4.10 (Debian)
Expires: Mon, 02 Mar 1970 00:00:00 GMT
Last-Modified: GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8955
Keep-Alive: timeout=3, max=10000
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8955
Md5:    65ce6818f8658c978d3a14d64fca8563
Sha1:   6a1a2fc3066a9f964700e3dd4ab00593cb9c726d
Sha256: f2de792fc741fcf19e83c010ed01f22557bc48efd83fef7b08192d3748b9b6c7

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 18:13:37 GMT
Expires: Tue, 13 Feb 2018 18:13:37 GMT
Cache-Control: private, max-age=3600
Etag: 6502682663518856185
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 26103
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   26103
Md5:    6ef11d0463c07a28cd7cf2803534c33b
Sha1:   22c83cf48df58218feda2b7c44729bbbd3c43fdc
Sha256: 4b1e7c12854ebf981237b37942a10e1ea9f0324332083e81150e5e73b04cbbd4
                                        
                                            GET /coop/cse/brand?form=cse-search-box&lang=en HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.132
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=en
Cache-Control: private
X-Content-Type-Options: nosniff
Date: Tue, 13 Feb 2018 18:13:37 GMT
Server: sffe
Content-Length: 266
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  HTML document text
Size:   266
Md5:    60e7be953e9ea91f15c136a9e16a8ec2
Sha1:   6e209a224e4a45e87ab676b371c280bb7a04ddc0
Sha256: 57849f9e1afb75978a36dbbce48213cfa4f6a374263c91778faa2ad243857ba7
                                        
                                            GET /trends/embed.js?hl=nl&q=Nwpresby&content=1&cid=TIMESERIES_GRAPH_0&export=5&w=500&h=200 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.132
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Location: https://trends.google.com/trends/embed.js?hl=nl&q=Nwpresby&content=1&cid=TIMESERIES_GRAPH_0&export=5&w=500&h=200
X-Content-Type-Options: nosniff
Date: Tue, 13 Feb 2018 18:13:37 GMT
Expires: Thu, 15 Mar 2018 18:13:37 GMT
Cache-Control: public, max-age=2592000
Server: sffe
Content-Length: 333
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  HTML document text
Size:   333
Md5:    fa891c9841e3eeb87be35e06700307aa
Sha1:   b96f2821526f19ca4e0c435b32a7e76c537e7dd4
Sha256: 7cc5906589f147ed8d0dd1401982f7675276c18814dc36f662f78517b36c8681
                                        
                                            GET /images/poweredby_transparent/poweredby_FFFFFF.gif HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.132
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Accept-Ranges: bytes
Content-Length: 488
Date: Tue, 13 Feb 2018 18:13:37 GMT
Expires: Tue, 13 Feb 2018 18:13:37 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Mon, 01 May 2017 14:00:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  GIF image data, version 89a, 56 x 20
Size:   488
Md5:    7759990ff12382cab2e362e8de465c92
Sha1:   bf76285ae03b5544f889580113334d302f055c2b
Sha256: f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe
                                        
                                            GET /maps/api/staticmap?center=41.882400512695,-87.637603759766&zoom=11&size=500x200&sensor=false HTTP/1.1 
Host: maps.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         216.58.207.202
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 13 Feb 2018 18:13:38 GMT
Expires: Wed, 14 Feb 2018 18:13:38 GMT
Cache-Control: public, max-age=86400
Vary: Accept-Language
Access-Control-Allow-Origin: *
Server: staticmap
Content-Length: 21449
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  PNG image, 500 x 200, 8-bit colormap, non-interlaced
Size:   21449
Md5:    31bbb41f9a77e75519490a2231111847
Sha1:   a27b50bb258cf972b0c20f2967513df2f31b3a02
Sha256: 5daefa7b4bcfa8c56a550dfdde67512cdfee22adc5205942f71ff6be6c3e9b3e
                                        
                                            GET /theme/css/styles.css HTTP/1.1 
Host: pandastats.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         69.197.159.66
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 13 Feb 2018 18:31:35 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Sat, 21 May 2016 09:41:14 GMT
Etag: "1729-53357021a4280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2000
Keep-Alive: timeout=3, max=10000
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2000
Md5:    9c3d7a0937b9f78eac0431a8c1d2e2e8
Sha1:   6e86916739b3b2bf5a6fad3fc08dfa4da3c0a957
Sha256: dbbc80ad368890d793b146164a88c528fa5dfc17d8e6af9ea2bb0c18f9e6863b
                                        
                                            GET /ajax/libs/jquery/2.0.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         216.58.211.138
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 29456
Date: Thu, 01 Feb 2018 17:32:37 GMT
Expires: Fri, 01 Feb 2019 17:32:37 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 1039261


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29456
Md5:    6f742fcb047bb051cee723aba4ed98e4
Sha1:   cf5396bc5cedcbee6af2fbecbaf7ae3c29fc479b
Sha256: a9338df44048ff48e2cde71e168d430933230f5ec81bf89df61f25e0656a5b26
                                        
                                            GET /theme/css/bootstrap.min.css HTTP/1.1 
Host: pandastats.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         69.197.159.66
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 13 Feb 2018 18:31:35 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 09 Apr 2015 08:00:32 GMT
Etag: "1abce-513460ab7a800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18141
Keep-Alive: timeout=3, max=10000
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   18141
Md5:    75ac9f3aa86995c028c4a700c3b04321
Sha1:   a061911d2cb6f7689ff24a22fcb6b971d16a5f82
Sha256: 742dc055d132ced6c07bc9491dd8dc5627a0d5e427f92728420bc8309d3c8306
                                        
                                            GET /assets/panda_small.jpg HTTP/1.1 
Host: pandastats.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         69.197.159.66
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 13 Feb 2018 18:31:36 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Sat, 12 Oct 2013 17:54:00 GMT
Etag: "719-4e88eeb729e00"
Accept-Ranges: bytes
Content-Length: 1817
Keep-Alive: timeout=3, max=10000
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   1817
Md5:    3917c4a28d351ab997f71283eeb8bc06
Sha1:   314fd0efd316cf822385b07d8fa1510df08d2735
Sha256: 268910a2df539d68c99d538487621256e8ca9eea89274bc43b61f33d97561369
                                        
                                            GET /theme/js/scripts.js HTTP/1.1 
Host: pandastats.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         69.197.159.66
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 13 Feb 2018 18:31:36 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 09 Apr 2015 08:00:42 GMT
Etag: "15c-513460b503e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 196
Keep-Alive: timeout=3, max=10000
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   196
Md5:    6287931d1c85ff7e26c5971d50100b38
Sha1:   fde4066df485fce051375d2c5caa2045723f78bf
Sha256: 8978943e140979f1353ed36c311e95b714a2d3e6cd36c7e3a6708050147d55d0
                                        
                                            GET /theme/js/bootstrap.min.js HTTP/1.1 
Host: pandastats.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         69.197.159.66
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 13 Feb 2018 18:31:36 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Thu, 09 Apr 2015 08:00:41 GMT
Etag: "7c4b-513460b40fc40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8535
Keep-Alive: timeout=3, max=10000
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8535
Md5:    799959c3ec75e9ce052c04c03765215c
Sha1:   dee6c34991fc2d8080ce7dbb432ceeb7ef652dc9
Sha256: 7fc18f8496aeb2cc51213a0f1aff925fd8cefa95149f5cf6764a003ce44b188e
                                        
                                            GET /graph?&w=500&h=200&o=f&c=1&y=t&b=ffffff&r=4m&u=nwpresby.org& HTTP/1.1 
Host: traffic.alexa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         35.170.0.108
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Tue, 13 Feb 2018 18:13:38 GMT
Server: nginx
Via: 1.1 ip-172-30-63-191 (squid/3.5.20)
X-Cache: MISS from ip-172-30-63-191
X-Cache-Lookup: MISS from ip-172-30-63-191:3128
Content-Length: 3761
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image, 340 x 150, 8-bit/color RGB, non-interlaced
Size:   3761
Md5:    d893d444be7e8b0b96de77e9780f9b15
Sha1:   b0dce2f5ef081e5e7e3d8197872fb267407b104c
Sha256: c36a5c73a45c53f0c174f4c4e4c7c007713e7da289cded7f56278b27684d33bf
                                        
                                            GET /js/300/addthis_widget.js HTTP/1.1 
Host: s7.addthis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         104.122.220.14
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Last-Modified: Mon, 05 Feb 2018 17:46:41 GMT
Etag: "5a789881-57b6f"
Cache-Tag: client_dist
Surrogate-Key: client_dist
Timing-Allow-Origin: *
Cache-Control: public, max-age=600
Accept-Ranges: bytes
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 18:13:38 GMT
Content-Length: 114498
Connection: keep-alive
Vary: Accept-Encoding
X-Distribution: 99
X-Host: s7.addthis.com


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   114498
Md5:    10d880bad1879e7acb100e6bce81ed29
Sha1:   837b74173a703800410309d25621f15c255b3a8e
Sha256: 1bb5342eebb85e269be4f9301d0d09a86438558f3e1cdd8fe4928fb150a461b7
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 18:13:38 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    559032e80fb5cf1a77122b337a396826
Sha1:   df08057278a86010a19acfa0906fa814d3c3116b
Sha256: 1676f491e6c254f80d510f0b0c5d9a1736f41ca7b7b1451bf443543ba5f16d21
                                        
                                            GET /css?family=Roboto:400 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://pandastats.net/theme/css/styles.css

                                         
                                         172.217.21.138
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 13 Feb 2018 18:13:38 GMT
Date: Tue, 13 Feb 2018 18:13:38 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   186
Md5:    bcd67d187f1ccc7f9c338fd228a2ee26
Sha1:   3484ccd0d574e9decc80313b7e979a61ff775ec1
Sha256: 86fe521f1b2016cbb86cb397abe367dcdb814dd5bb4c930582852ed02afd3259
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 18:13:38 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
                                            GET /cse/api/branding.css HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.132
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Location: https://cse.google.com/cse/api/branding.css
Cache-Control: private
X-Content-Type-Options: nosniff
Date: Tue, 13 Feb 2018 18:13:38 GMT
Server: sffe
Content-Length: 240
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  HTML document text
Size:   240
Md5:    4a128d1db6f6c93d9f8de03bbd37a1b6
Sha1:   ad396167f79f9eaea536532639ef028a47dc86b1
Sha256: d62b7b4d06bafdb5716d6815ce080ad61557dd481784dbdc45fcc5c3430a11e9
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 18:13:38 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    ad5dfaaf3c7a620ae719913575634690
Sha1:   52cef8d75eb374e9a63b9c6a92b6858dbd50d45a
Sha256: 12f2b39fb901c7a19f046f375ab064c3fd68168759ae47056452bc5ca50d2496
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.52.27.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.12.2
Content-Length: 1391
Content-Transfer-Encoding: binary
Cache-Control: max-age=532018, public, no-transform, must-revalidate
Last-Modified: Mon, 12 Feb 2018 21:56:01 GMT
Expires: Mon, 19 Feb 2018 21:56:01 GMT
Date: Tue, 13 Feb 2018 18:13:38 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1391
Md5:    dab664d03e303a7b1deba30189c57d23
Sha1:   1a87b2335fc304a7783b6f7ffdb5ff97367d30de
Sha256: a420898c491aa5011be91b1f128d5401a72f65f88f6db5db605abde5677fb03d
                                        
                                            GET /adsid/integrator.js?domain=nwpresby.org.pandastats.net HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 18:13:38 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
                                        
                                            GET /adsid/integrator.js?domain=nwpresby.org.pandastats.net HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 18:13:38 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   107
Md5:    5432a558d422eaeaa6f7e8a15c0c1134
Sha1:   252ee6dbb502fd998fbdc5721da5986b877f1c73
Sha256: e61d268069b171358cb5d545e31856cbc3ac2b995cff5e4f7043ae988dc44c6d
                                        
                                            GET /cse/api/branding.css HTTP/1.1 
Host: cse.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Last-Modified: Sat, 17 Nov 2007 23:34:50 GMT
Date: Mon, 12 Feb 2018 16:04:26 GMT
Expires: Wed, 14 Feb 2018 16:04:26 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: pfe
Content-Length: 322
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=172800
Age: 94152
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   322
Md5:    eb44259f9eed170ffd1b7293b57ca0f8
Sha1:   3099cbdc7f7ac67ec5863ae5f1a669163b56c6c4
Sha256: 7ddb01d9a89048ea77b75c1fc966e14c3c6c3bfe5d45b5b372f3d93ccc9670f4
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxM.woff HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://fonts.googleapis.com/css?family=Roboto:400
Origin: http://nwpresby.org.pandastats.net

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 19824
Date: Mon, 12 Feb 2018 20:21:41 GMT
Expires: Tue, 12 Feb 2019 20:21:41 GMT
Last-Modified: Mon, 16 Oct 2017 17:32:56 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 78717


--- Additional Info ---
Magic:  data
Size:   19824
Md5:    bafb105baeb22d965c70fe52ba6b49d9
Sha1:   934014cc9bbe5883542be756b3146c05844b254f
Sha256: 1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed
                                        
                                            GET /coop/cse/brand?form=cse-search-box&lang=en HTTP/1.1 
Host: cse.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Date: Mon, 12 Feb 2018 20:48:27 GMT
Expires: Wed, 14 Feb 2018 20:48:27 GMT
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: pfe
Content-Length: 1181
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=172800
Age: 77111
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   1181
Md5:    0f3a3376db263065017f4f8a95f08342
Sha1:   e4982e1914c6f3f904b22aa073c6ba0e476b0a8a
Sha256: 8baa09a723059017000baca9c4cde1b35f0ca4228a24757b7d37394516a0d1f6
                                        
                                            GET /trends/embed.js?hl=nl&q=Nwpresby&content=1&cid=TIMESERIES_GRAPH_0&export=5&w=500&h=200 HTTP/1.1 
Host: trends.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.132
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Tue, 13 Feb 2018 18:13:38 GMT
Content-Encoding: gzip
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Set-Cookie: NID=123=eaJGVceH40BQuUu7x8cwK3ObVAE3PfyNxUNqr-mBPowDxMOAbNz3rHOq5W1kdbRX6rkUJOJ15G-yUSBkbrI5nraxPjpqKSpCDXJmwgosp6b1EM-8A5ZdtvWjJcyBYPaG;Domain=.google.com;Path=/;Expires=Wed, 15-Aug-2018 18:13:38 GMT;HttpOnly
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Size:   260
Md5:    49015ee2460eaf0bab13ef6bc7412287
Sha1:   2491bac9312161c0589d63ce2a8b3c5da785cd6f
Sha256: ab240ab8333585436fdc30984c0890ac3e109179b55432dd576c3534fc8a5c91
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request
Cookie: NID=123=eaJGVceH40BQuUu7x8cwK3ObVAE3PfyNxUNqr-mBPowDxMOAbNz3rHOq5W1kdbRX6rkUJOJ15G-yUSBkbrI5nraxPjpqKSpCDXJmwgosp6b1EM-8A5ZdtvWjJcyBYPaG

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 18:13:39 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    ad17711996ffe7d6872d00b86b38222c
Sha1:   6f53cf6f587ddabb8e0d0280f32ba86c25313df0
Sha256: 696c2c26fdf31414465f24a4d88560754997aa2a56eb848d21da72dbc78fbc93
                                        
                                            GET /pagead/js/r20180207/r20170110/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 18:13:39 GMT
Expires: Tue, 13 Feb 2018 18:13:39 GMT
Cache-Control: private, max-age=1209600
Etag: 4433304288936196502
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 67646
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   67646
Md5:    cce91a88f525640083b0ebe057a30af4
Sha1:   b9cf4be249b5af3dda774dfb75e73d482da706c5
Sha256: dd6dac5265c4b1796715889313e4b9271b4547f66739424357f89dc45eac882b
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 13 Feb 2018 18:13:40 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    5bdd8feecb39defc59e56620463a2b3d
Sha1:   4d839110401dd2ac7595e9306a5f6f32ec646029
Sha256: d68dc4fdc945a8722b2f7d53d0cb6d47d63256ada305d89ea6e6c62899d36b16
                                        
                                            GET /cse/static/images/1x/googlelogo_lightgrey_46x16dp.png HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.132
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Content-Length: 551
Date: Tue, 13 Feb 2018 18:13:40 GMT
Expires: Tue, 13 Feb 2018 18:13:40 GMT
Cache-Control: private, max-age=31536000
Last-Modified: Wed, 11 Jan 2017 21:30:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  PNG image, 46 x 16, 8-bit gray+alpha, non-interlaced
Size:   551
Md5:    9f2dcf82a5c6b3b5cd521c1e2d5393bb
Sha1:   7beb35b6c76ca02feef18834d5091a915d958c60
Sha256: ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
                                        
                                            GET /pagead/html/r20180207/r20170110/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Wed, 07 Feb 2018 20:57:24 GMT
Expires: Wed, 21 Feb 2018 20:57:24 GMT
Etag: 7893540961313292660
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6819
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 508576
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6819
Md5:    8caea4ee531aab9f5d9328f80b7b23f3
Sha1:   3c1b05353b141a9e742555def5993bee1ec31ecd
Sha256: 0c3ec59d66f4780431ae46c09d53fe92c858ea2f05c6a5e02a17ab56d4428ff4
                                        
                                            GET /pub-config/r20160913/ca-pub-3744029866517417.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 125
Date: Tue, 13 Feb 2018 08:46:38 GMT
Expires: Tue, 13 Feb 2018 20:46:38 GMT
Last-Modified: Sun, 11 Feb 2018 21:16:31 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Age: 34022
Cache-Control: public, max-age=43200
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   125
Md5:    21aea2dae0239adff4f9f063cdacfc76
Sha1:   ce64c497ac1dd86393da79e8cea239de113c1de7
Sha256: a59ee78166b8467dd7dd8c7acb03d8df7d16cf4a04f45c8558366df1c33b868f
                                        
                                            GET /pagead/js/r20180207/r20170110/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Date: Thu, 08 Feb 2018 04:05:11 GMT
Expires: Thu, 22 Feb 2018 04:05:11 GMT
Etag: 14152819666964886147
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 29995
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 482909
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   29995
Md5:    ca42dee86b721494eb2a8c4f93c4508d
Sha1:   17ee6f68a61be238ce54d20d056a7a5834c52d80
Sha256: ea4ea916582c5f861acd268ab627997ac61a0a978dbeb3ff1685e0f0679a9ea5
                                        
                                            GET /pagead/ads?client=ca-pub-3744029866517417&output=html&h=250&adk=1970189370&adf=807048394&w=326&fwrn=2&lmt=1518545617&loeid=38893312&rafmt=3&format=326x250&url=http%3A%2F%2Fnwpresby.org.pandastats.net%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=1&wgl=0&adsid=NT&dt=1518545618931&bpp=19&fdt=26&idt=221&shv=r20180207&cbv=r20170110&saldr=aa&correlator=3621671703041&frm=20&ga_vid=662743780.1518545620&ga_sid=1518545620&ga_hid=1818591296&ga_fc=0&pv=2&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=105&ady=172&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=62710015%2C62710017%2C38893302%2C21061122%2C191880502%2C389613001%2C41667000&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=1&dtd=1167 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 18:13:40 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Tue, 13-Feb-2018 18:28:40 GMT; path=/; domain=.doubleclick.net
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 13 Feb 2018 18:13:40 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   368
Md5:    aa84dbd9aa8a70cd5db3c5c33f9d5a3a
Sha1:   47cc2169a6f457b6ba2a776804e04848b5adae7c
Sha256: 50c149ce39a3676f5054a22d9e990a23371f83e36e79ac9d161ce186fad903cf
                                        
                                            GET /trends_nrtr/1308_RC02/embed_loader.js HTTP/1.1 
Host: ssl.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.131
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3747
Date: Mon, 12 Feb 2018 17:08:07 GMT
Expires: Tue, 12 Feb 2019 17:08:07 GMT
Last-Modified: Mon, 05 Feb 2018 11:10:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000
Age: 90333
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   3747
Md5:    830a484ac34c4a97e9ab9bedc312faf2
Sha1:   2f2e3feb8ca857a276a7e1608e82bcf665662ade
Sha256: 136d8163b16d038012be755daf6bc7a9a05bc17bbdd2a7cf3236a4b9721cce7f
                                        
                                            GET /ga.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 13 Feb 2018 17:15:47 GMT
Expires: Tue, 13 Feb 2018 19:15:47 GMT
Last-Modified: Mon, 13 Nov 2017 20:19:12 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17172
Age: 3474
Cache-Control: public, max-age=7200


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17172
Md5:    43adefe535269f3b75e0f229d0dba4d6
Sha1:   5e3bed19757401b3aa6c8ab8b5f26aa17add8a3a
Sha256: fc7f9d5234f97de0433021d02e8969a93003d90bf16d40a9cb2d8f5c7bfaa398
                                        
                                            GET /pagead/ads?client=ca-pub-3744029866517417&output=html&h=600&adk=4088835707&adf=807048394&w=300&fwrn=2&lmt=1518545617&loeid=38893312&rafmt=4&format=300x600&url=http%3A%2F%2Fnwpresby.org.pandastats.net%2F&ea=0&flash=10.0.45&fwr=0&resp_fmts=4&wgl=0&adsid=NT&dt=1518545620564&bpp=139&fdt=143&idt=610&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=326x250&correlator=3621671703041&frm=20&ga_vid=662743780.1518545620&ga_sid=1518545620&ga_hid=1818591296&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=749&ady=147&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=62710015%2C62710017%2C38893302%2C21061122%2C191880502%2C389613001%2C41667000&oid=3&rx=0&eae=4&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=1&ifi=2&dtd=656 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/
Cookie: test_cookie=CheckForPermission

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 18:13:41 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: IDE=AHWqTUlNqAMko9FyZK3TnuaHyHrpIWuZ2xj2hf-ygLfUTsMSY-hhotUpjWiQqTLg; expires=Thu, 13-Feb-2020 18:13:41 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 13 Feb 2018 18:13:41 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   369
Md5:    78a6c7c0b096159755703d98c50cf70f
Sha1:   98b0169b6384614ea72b7ac72021b68fc194a6a2
Sha256: 87537320fa011097b77c22c13c62019d2ada006ba1e5b439444c5de097a65d4f
                                        
                                            GET /r/__utm.gif?utmwv=5.7.1&utms=1&utmn=220772758&utmhn=nwpresby.org.pandastats.net&utmcs=UTF-8&utmsr=1176x885&utmvp=1159x754&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmdt=Nwpresby.org%20-%20Nwpresby&utmhid=1818591296&utmr=-&utmp=%2F&utmht=1518545621430&utmac=UA-25924407-5&utmcc=__utma%3D38991906.1041425581.1518545621.1518545621.1518545621.1%3B%2B__utmz%3D38991906.1518545621.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2135006727&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.142
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Access-Control-Allow-Origin: *
Date: Tue, 13 Feb 2018 18:13:41 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /pagead/ads?client=ca-pub-3744029866517417&output=html&adk=1812271804&adf=807048394&lmt=1518545617&loeid=38893312&plat=1%3A1085448%2C2%3A17862664%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C25%3A32768%2C26%3A32768&format=0x0&url=http%3A%2F%2Fnwpresby.org.pandastats.net%2F&ea=0&flash=10.0.45&pra=5&wgl=0&adsid=NT&dt=1518545620564&bpp=684&fdt=687&idt=791&shv=r20180207&cbv=r20170110&saldr=aa&prev_fmts=326x250%2C300x600&correlator=3621671703041&frm=20&ga_vid=662743780.1518545620&ga_sid=1518545620&ga_hid=1818591296&ga_fc=0&pv=1&icsg=0&nhd=1&dssz=0&mdo=0&mso=0&u_tz=60&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=0&ady=0&biw=1159&bih=754&abxe=1&scr_x=0&scr_y=0&eid=62710015%2C62710017%2C38893302%2C21061122%2C191880502%2C389613001%2C41667000&oid=3&rx=0&eae=6&fc=784&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7Cr%7C&abl=CS&ppjl=u&fu=16&bc=1&ifi=2&dtd=826 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/
Cookie: test_cookie=CheckForPermission

                                         
                                         216.58.211.130
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Tue, 13 Feb 2018 18:13:41 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: IDE=AHWqTUkCcR2QXyBVSk8HRxR6y08TlOGCs6tEhDO0aNwvD6QdF3E1t1gq5JTFvHUr; expires=Thu, 13-Feb-2020 18:13:41 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
Alt-Svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
Expires: Tue, 13 Feb 2018 18:13:41 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   64
Md5:    0781e865abae44cf8b10dc725d63f539
Sha1:   c9f5024f2a546880e819749c32e23830fef111cb
Sha256: 24a7e2c0a5b68aec6126a39465b792b761aab892d7060d78fbab1e14a4cf3363
                                        
                                            GET /s2/favicons?domain=nwpresby.org HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://nwpresby.org.pandastats.net/

                                         
                                         172.217.21.132
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Tue, 13 Feb 2018 18:13:45 GMT
Date: Tue, 13 Feb 2018 18:13:45 GMT
Cache-Control: private, max-age=86400
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Content-Security-Policy: script-src 'unsafe-inline' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Set-Cookie: NID=123=XyHmH32UQ_W9K5pNWI1BR0HVDL1s7TaCUojM4HtrKpxBhYoXTjqjw-W7RsRh1aK9ODT2b1oe3V08ek9kURNlYo4QDXUU8MF2j7P4CHnoeFVqMECR8mr-Cbwwap-CjJLv;Domain=.google.com;Path=/;Expires=Wed, 15-Aug-2018 18:13:45 GMT;HttpOnly


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
Size:   799
Md5:    83fc190bff7188df5ea73a1e07aa3d8d
Sha1:   cf0f4738d3a4ba249052af00e99af14e4115293a
Sha256: 7d9a71480f46e9a50ee5cb5324ce599cff730291d3475742c7e8341d583037c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: nwpresby.org.pandastats.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __utma=38991906.1041425581.1518545621.1518545621.1518545621.1; __utmb=38991906.1.10.1518545621; __utmc=38991906; __utmz=38991906.1518545621.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1

                                         
                                         69.197.159.66
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
                                        
Date: Tue, 13 Feb 2018 18:31:43 GMT
Server: Apache/2.4.10 (Debian)
Last-Modified: Sat, 12 Oct 2013 17:50:00 GMT
Etag: "30b-4e88edd248200"
Accept-Ranges: bytes
Content-Length: 779
Keep-Alive: timeout=3, max=10000
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 16 x 16, 8-bit/color RGB, non-interlaced
Size:   779
Md5:    1d1151d07d1c4ce0f69b118b51ae5832
Sha1:   bf17aa8faa900214d9fb5b8c70d1e870e080aa9d
Sha256: bf294e9bf01301a5afb7d0be6ecc8cd1fd96313699df36e50fdf25fda8a2debc